Submitted URL: https://billing.ipgod.org/
Effective URL: https://billing.ipgod.org/setup
Submission: On May 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 9 HTTP transactions. The main IP is 178.63.252.145, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is billing.ipgod.org.
TLS certificate: Issued by R3 on May 15th 2022. Valid for: 3 months.
This is the only time billing.ipgod.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 178.63.252.145 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 4
Apex Domain Subdomains Transfer
8 ipgod.org billing.ipgod.org 58 KB
1 gstatic.com fonts.gstatic.com 17 KB
1 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 46) 1 KB
9 3
Domain Requested by
8 billing.ipgod.org 1 redirects billing.ipgod.org
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com billing.ipgod.org
9 3

This site contains links to these domains.

Domain
www.invoiceninja.com
invoiceninja.github.io

Subject Issuer Validity Valid
billing.ipgod.org R3 2022-05-15 - 2022-08-13 3 months
upload.video.google.com GTS CA 1C3 2022-04-25 - 2022-07-18 3 months
*.gstatic.com GTS CA 1C3 2022-04-25 - 2022-07-18 3 months

This page contains 1 frame:

Primary Page: https://billing.ipgod.org/setup
Frame ID: F977FFA83C5F5DCBE36495DFF4009E5B
Requests: 10 HTTP requests in this frame

Page Title

Setup — Invoice Ninja

Page URL History

  1. https://billing.ipgod.org/ HTTP 302
    https://billing.ipgod.org/setup Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
  • /alpine(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 75 kB
Size: 235 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://billing.ipgod.org/ HTTP 302
    https://billing.ipgod.org/setup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request setup
billing.ipgod.org/
Redirect Chain
  • https://billing.ipgod.org/
  • https://billing.ipgod.org/setup
21 KB
4 KB
Document
General
Full URL
https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.252.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.252.63.178.clients.your-server.de
Software
nginx /
Resource Hash
2a66ebe8a9ee4bb45b9a6abec38650ca7e215e54ae260cb8c60b5bca55866db1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-API-PASSWORD-BASE64,X-API-COMPANY-KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-APP-VERSION,X-MINIMUM-CLIENT-VERSION
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 17:14:42 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
x-app-version
5.3.88
x-minimum-client-version
5.0.16

Redirect headers

access-control-allow-headers
X-API-PASSWORD-BASE64,X-API-COMPANY-KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-APP-VERSION,X-MINIMUM-CLIENT-VERSION
cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 17:14:42 GMT
location
https://billing.ipgod.org/setup
server
nginx
strict-transport-security
max-age=15768000;
x-app-version
5.3.88
x-minimum-client-version
5.0.16
app.js
billing.ipgod.org/js/
30 KB
10 KB
Script
General
Full URL
https://billing.ipgod.org/js/app.js
Requested by
Host: billing.ipgod.org
URL: https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.252.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.252.63.178.clients.your-server.de
Software
nginx /
Resource Hash
85ec4e17015c70d6e2b8d78ab6c44a5ae58db367304a62fd81fb89a61efc38e3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.ipgod.org/setup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 07:06:11 GMT
server
nginx
etag
W/"627f54e3-77e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
strict-transport-security
max-age=15768000;
expires
Tue, 14 Jun 2022 17:14:42 GMT
alpine.js
billing.ipgod.org/vendor/alpinejs@2.8.2/
79 KB
19 KB
Script
General
Full URL
https://billing.ipgod.org/vendor/alpinejs@2.8.2/alpine.js
Requested by
Host: billing.ipgod.org
URL: https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.252.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.252.63.178.clients.your-server.de
Software
nginx /
Resource Hash
17b7df2aac3885c5a3210f5b198d797b1d931e79bb8276febe64292ca54fffa8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.ipgod.org/setup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 07:06:11 GMT
server
nginx
etag
W/"627f54e3-13c02"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
strict-transport-security
max-age=15768000;
expires
Tue, 14 Jun 2022 17:14:42 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: billing.ipgod.org
URL: https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17ab18efb06d6e99214141753b3d058c23239473ac62acdbe307faba26c88c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.ipgod.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 15 May 2022 15:34:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 15 May 2022 17:14:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 May 2022 17:14:42 GMT
app.css
billing.ipgod.org/css/
38 KB
8 KB
Stylesheet
General
Full URL
https://billing.ipgod.org/css/app.css
Requested by
Host: billing.ipgod.org
URL: https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.252.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.252.63.178.clients.your-server.de
Software
nginx /
Resource Hash
0143bcf70fad2a620a6ed01e147a62d8e1cd74e6c51fd4317a4234e882f45876
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.ipgod.org/setup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 07:06:11 GMT
server
nginx
etag
W/"627f54e3-985e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000;
expires
Tue, 14 Jun 2022 17:14:42 GMT
cookieconsent.min.css
billing.ipgod.org/vendor/cookieconsent@3/
5 KB
1 KB
Stylesheet
General
Full URL
https://billing.ipgod.org/vendor/cookieconsent@3/cookieconsent.min.css
Requested by
Host: billing.ipgod.org
URL: https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.252.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.252.63.178.clients.your-server.de
Software
nginx /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.ipgod.org/setup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 07:06:11 GMT
server
nginx
etag
W/"627f54e3-135e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000;
expires
Tue, 14 Jun 2022 17:14:42 GMT
cookieconsent.min.js
billing.ipgod.org/vendor/cookieconsent@3/
20 KB
7 KB
Script
General
Full URL
https://billing.ipgod.org/vendor/cookieconsent@3/cookieconsent.min.js
Requested by
Host: billing.ipgod.org
URL: https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.252.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.252.63.178.clients.your-server.de
Software
nginx /
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.ipgod.org/setup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 07:06:11 GMT
server
nginx
etag
W/"627f54e3-50d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
strict-transport-security
max-age=15768000;
expires
Tue, 14 Jun 2022 17:14:42 GMT
setup.js
billing.ipgod.org/js/setup/
22 KB
8 KB
Script
General
Full URL
https://billing.ipgod.org/js/setup/setup.js
Requested by
Host: billing.ipgod.org
URL: https://billing.ipgod.org/setup
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.252.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.252.63.178.clients.your-server.de
Software
nginx /
Resource Hash
3b77b0c37740ff4a5534e4e3726ecd23b50529b3a93d087ca32c8352c8e708f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.ipgod.org/setup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 07:06:11 GMT
server
nginx
etag
W/"627f54e3-59a4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
strict-transport-security
max-age=15768000;
expires
Tue, 14 Jun 2022 17:14:42 GMT
truncated
/
193 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cf27f190d3a98cc6c3e864c72b1fcc556afd44ab207910a1735d5275538bc2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://billing.ipgod.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 19:32:49 GMT
x-content-type-options
nosniff
age
337313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 19:32:49 GMT

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • function| getScreenDetails
  • function| gtag
  • object| cookieconsent
  • object| webpackChunk
  • function| axios
  • object| valid
  • object| Alpine

2 Cookies

Domain/Path Name / Value
billing.ipgod.org/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik5hVkVaK3dTNHZ1azJEdUsxb1ByclE9PSIsInZhbHVlIjoiL1ZmWmFTOHZxaVNIakFCQ01Sc0xLeVFYNE5NREZ5Q2I5OFY3OHdWVGFXQ2FPZG9SclphZEpUZVhlVGo3dVVwMGwxc25pUmxmRDZaWXIvUGgzWGpjdWxrQmxWeWhzT1BlaDZldzFZSEdxMVJlOSthQUFYWUZPL0JiY0hidmdsaTEiLCJtYWMiOiJmMzQ4ZTQ3M2UzYjE0MzU3YTRiZjI2ODhlNTNkOGMxNzQ1NzRjYmE5YjZiYzM0MjkyZWUwNTA4YTcwNTkxMWQ1IiwidGFnIjoiIn0%3D
billing.ipgod.org/ Name: invoice_ninja_session
Value: eyJpdiI6IndCUzVPTWJzU3cvUUdsamJGSDEzRVE9PSIsInZhbHVlIjoiME1halJnQThWYWhRZUJIUSt6M2taVHc2WVlha21objlQTzAwcWpZZ0EvWDN6VlJSaFp0YWdZR2xpRDkrUG81SVl4THRLdjMxMUYvTWlOdjFTcmJvdjBhVDRPblZWL2lzc3BFd1Arc2NkcU51eWdjU2FJdXVmc3AyTEs0RXdDTHAiLCJtYWMiOiI4YTE3NGZmNTI3NDg0NmM3MWMyZWUxZTgxYzMyNDAzZDBjMzA5OWE1ZWVkNDcyZGYzMjM3MDY2N2MyOTVlODFlIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000;