URL: https://ovclient.clicenergia.com/
Submission: On August 11 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 162.55.177.159, located in Mammelzen, Germany and belongs to HETZNER-AS, DE. The main domain is ovclient.clicenergia.com.
TLS certificate: Issued by R10 on August 8th 2024. Valid for: 3 months.
This is the only time ovclient.clicenergia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 162.55.177.159 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.92 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.105 16509 (AMAZON-02)
14 5
Apex Domain
Subdomains
Transfer
7 clicenergia.com
ovclient.clicenergia.com
3 MB
3 gstatic.com
fonts.gstatic.com
55 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
156 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
14 4
Domain Requested by
7 ovclient.clicenergia.com ovclient.clicenergia.com
3 fonts.gstatic.com fonts.googleapis.com
2 js.stripe.com ovclient.clicenergia.com
js.stripe.com
2 fonts.googleapis.com ovclient.clicenergia.com
14 4

This site contains links to these domains. Also see Links.

Domain
gisce.ov
Subject Issuer Validity Valid
ovclient.clicenergia.com
R10
2024-08-08 -
2024-11-06
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-07-23 -
2024-10-24
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 2 frames:

Primary Page: https://ovclient.clicenergia.com/
Frame ID: C8D1B18DBA730D86E5638416C32AA878
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C9D1DBD130505F690616149FD42120C2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Oficina Virtual

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

3404 kB
Transfer

3909 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ovclient.clicenergia.com/
2 KB
1 KB
Document
General
Full URL
https://ovclient.clicenergia.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.177.159 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.177.55.162.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4db0750087d3b63777031500716712aea6a35e9451ba55b323193e24aaffdd54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 11 Aug 2024 03:45:56 GMT
ETag
W/"6284bad0-8a1"
Last-Modified
Wed, 18 May 2022 09:22:24 GMT
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
main.db94e14e.chunk.css
ovclient.clicenergia.com/static/css/
22 KB
22 KB
Stylesheet
General
Full URL
https://ovclient.clicenergia.com/static/css/main.db94e14e.chunk.css
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.177.159 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.177.55.162.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8f8c5b58e05348501f8eba0fee603046b76d2b9e4245f85fbd02ca2a6764c254

Request headers

Referer
https://ovclient.clicenergia.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:45:56 GMT
Last-Modified
Wed, 18 May 2022 09:22:24 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6284bad0-58d8"
Content-Type
text/css, text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22744
2.23a27b1a.chunk.js
ovclient.clicenergia.com/static/js/
2 MB
2 MB
Script
General
Full URL
https://ovclient.clicenergia.com/static/js/2.23a27b1a.chunk.js
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.177.159 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.177.55.162.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
364556650ad5e3432eb0336c74e7d26a99fd6d2a52bca5b3d3adaf6fb5bda0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://ovclient.clicenergia.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:45:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Last-Modified
Wed, 18 May 2022 09:22:24 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6284bad0-2643c7"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2507719
main.33dcac1b.chunk.js
ovclient.clicenergia.com/static/js/
653 KB
654 KB
Script
General
Full URL
https://ovclient.clicenergia.com/static/js/main.33dcac1b.chunk.js
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.177.159 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.177.55.162.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
13ce3c92575e548b50b2a5e6d488048f0463b2583a263c9520dc2fe9d84be480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://ovclient.clicenergia.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:45:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Last-Modified
Wed, 18 May 2022 09:22:24 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6284bad0-a35fd"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
669181
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&subset=latin,cyrillic-ext
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/static/css/main.db94e14e.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac7157f1a795feaa3ac646d2bcf81871185b631903eebcea3d5a3826e81ff7b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ovclient.clicenergia.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 03:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 03:45:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 03:45:56 GMT
css
fonts.googleapis.com/
16 KB
891 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Slab:400,100,300,500,600,700,900&subset=latin,cyrillic-ext
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/static/css/main.db94e14e.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fba8fd9c9cb9e76b052995167efc1b08e600900fb7796bf07394f74c0147c88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ovclient.clicenergia.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 03:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 03:45:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 03:45:56 GMT
v3
js.stripe.com/
637 KB
156 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/static/js/2.23a27b1a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7cd344c87b1ee30e4365d72d7c1cfd364771d612c14d2741840292cfc126ac88
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ovclient.clicenergia.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 03:45:38 GMT
content-encoding
br
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
20
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 10 Aug 2024 19:43:51 GMT
server
Cloudfront
etag
W/"ac763ef25f397140f139e3eb6124100c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
yYZS-794VfosL6jd3qpHKsV5rD_Wtm4SSutjtvvjkT0BoKU1yyqmPQ==
logoBar.png
ovclient.clicenergia.com/images/
24 KB
24 KB
Image
General
Full URL
https://ovclient.clicenergia.com/images/logoBar.png
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/acces?recurs=/factures
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.177.159 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.177.55.162.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
463a6f016ac71f88f59a596b5d1bfdca3ac4cd4f8faefef0852109790fe9e1d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://ovclient.clicenergia.com/acces?recurs=/factures
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:45:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Last-Modified
Wed, 18 May 2022 09:20:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6284ba63-60bd"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24765
logo.png
ovclient.clicenergia.com/images/
24 KB
24 KB
Image
General
Full URL
https://ovclient.clicenergia.com/images/logo.png
Requested by
Host: ovclient.clicenergia.com
URL: https://ovclient.clicenergia.com/acces?recurs=/factures
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.177.159 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.177.55.162.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2157527ce8a86ab87c42b9b3406c5326382aaa9f586b611ad408dbd21c3e60ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://ovclient.clicenergia.com/acces?recurs=/factures
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:45:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Last-Modified
Wed, 18 May 2022 09:20:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6284ba63-5fd8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24536
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ovclient.clicenergia.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:06:49 GMT
x-content-type-options
nosniff
age
347948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 03:06:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ovclient.clicenergia.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 14:58:07 GMT
x-content-type-options
nosniff
age
478070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Aug 2025 14:58:07 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ovclient.clicenergia.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 08:22:19 GMT
x-content-type-options
nosniff
age
329018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18492
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 08:22:19 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C9D1
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ovclient.clicenergia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
914
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 11 Aug 2024 03:30:44 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Sat, 10 Aug 2024 19:01:47 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-id
EZKqfIYKo2l6EH9gRJxsUgA8V7ScrBt48_QlCBH7nPGigW4qS5q7aA==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.ico
ovclient.clicenergia.com/
15 KB
15 KB
Other
General
Full URL
https://ovclient.clicenergia.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.55.177.159 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.177.55.162.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7713cc0c767a4e8a6d92b723a0c28baf5b1b9fddb0e8f104d9dacad07ac13d37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://ovclient.clicenergia.com/acces?recurs=/factures
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 03:45:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Last-Modified
Wed, 18 May 2022 09:20:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6284ba63-3c2e"
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackJsonpoficina-virtual function| _ object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| saveAs function| setImmediate function| clearImmediate object| webpackChunkStripeJSouter function| noop function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: e31570f2-57b4-4384-911f-ec67697fc5ebdbe840
.ovclient.clicenergia.com/ Name: __stripe_mid
Value: 582f14f3-c494-4ff1-ac31-f27a1a0d4b90024327
.ovclient.clicenergia.com/ Name: __stripe_sid
Value: 39770e32-b93c-442c-a98d-65ec5c360f8291ef9b

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://ovclient.clicenergia.com/acces?recurs=/factures
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;