URL: https://billing.lchosting.se/
Submission: On March 17 via automatic, source certstream-suspicious — Scanned from SE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 65.108.0.38, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is billing.lchosting.se.
TLS certificate: Issued by R3 on March 17th 2023. Valid for: 3 months.
This is the only time billing.lchosting.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 65.108.0.38 24940 (HETZNER-AS)
1 142.250.186.42 15169 (GOOGLE)
8 2
Apex Domain
Subdomains
Transfer
7 lchosting.se
billing.lchosting.se
169 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 305
92 KB
8 2
Domain Requested by
7 billing.lchosting.se billing.lchosting.se
1 ajax.googleapis.com billing.lchosting.se
8 2

This site contains links to these domains. Also see Links.

Domain
lchosting.se
Subject Issuer Validity Valid
paste.lchosting.se
R3
2023-03-17 -
2023-06-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://billing.lchosting.se/
Frame ID: D13E10D992888E963F52E06D963156CE
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

LCHosting Paste

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

261 kB
Transfer

260 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
billing.lchosting.se/
3 KB
1 KB
Document
General
Full URL
https://billing.lchosting.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.0.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.0.108.65.clients.your-server.de
Software
nginx /
Resource Hash
07a8cb1978ac094b05439b1da07e764587ca829e1785edb62fb90dc923cee9ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Fri, 17 Mar 2023 22:09:41 GMT
etag
W/"64148977-bba"
last-modified
Fri, 17 Mar 2023 15:38:31 GMT
referrer-policy
same-origin
server
nginx
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
none
x-xss-protection
1; mode=block
solarized_dark.css
billing.lchosting.se/
1 KB
1 KB
Stylesheet
General
Full URL
https://billing.lchosting.se/solarized_dark.css
Requested by
Host: billing.lchosting.se
URL: https://billing.lchosting.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.0.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.0.108.65.clients.your-server.de
Software
nginx /
Resource Hash
78c9ddd480485bfd14e5fb6c6a2cd4de9286b63c7df35a0e88bbb4534f0dead6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://billing.lchosting.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:09:41 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 17 Mar 2023 15:13:35 GMT
server
nginx
etag
"6414839f-4cd"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
x-robots-tag
none
content-length
1229
x-xss-protection
1; mode=block
application.css
billing.lchosting.se/
4 KB
4 KB
Stylesheet
General
Full URL
https://billing.lchosting.se/application.css
Requested by
Host: billing.lchosting.se
URL: https://billing.lchosting.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.0.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.0.108.65.clients.your-server.de
Software
nginx /
Resource Hash
18e0293dd1c64d93c769198839ff1091af7f14fd59913cf33230649f3caa41c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://billing.lchosting.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:09:41 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 17 Mar 2023 15:13:14 GMT
server
nginx
etag
"6414838a-103a"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
x-robots-tag
none
content-length
4154
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
92 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: billing.lchosting.se
URL: https://billing.lchosting.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 16:32:07 GMT
x-content-type-options
nosniff
age
279454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93868
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Mar 2024 16:32:07 GMT
highlight.min.js
billing.lchosting.se/
85 KB
85 KB
Script
General
Full URL
https://billing.lchosting.se/highlight.min.js
Requested by
Host: billing.lchosting.se
URL: https://billing.lchosting.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.0.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.0.108.65.clients.your-server.de
Software
nginx /
Resource Hash
bb0249bfe7f1c90abe3c9109a3f3e23adaefb25529338301fdd7b22b8b7ce138
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://billing.lchosting.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:09:41 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 17 Mar 2023 15:12:54 GMT
server
nginx
etag
"64148376-1524d"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
none
content-length
86605
x-xss-protection
1; mode=block
application.min.js
billing.lchosting.se/
9 KB
10 KB
Script
General
Full URL
https://billing.lchosting.se/application.min.js
Requested by
Host: billing.lchosting.se
URL: https://billing.lchosting.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.0.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.0.108.65.clients.your-server.de
Software
nginx /
Resource Hash
da2a4e31187c58c856a4f37aad4f920b004c190958123be22f83490700fa5471
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://billing.lchosting.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:09:41 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 17 Mar 2023 15:12:22 GMT
server
nginx
etag
"64148356-256d"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
none
content-length
9581
x-xss-protection
1; mode=block
logo.png
billing.lchosting.se/
60 KB
61 KB
Image
General
Full URL
https://billing.lchosting.se/logo.png
Requested by
Host: billing.lchosting.se
URL: https://billing.lchosting.se/application.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.0.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.0.108.65.clients.your-server.de
Software
nginx /
Resource Hash
c005a4e4273153be32ab338423e7acd8973260a3470baa3ecb76ae99cb1dcbf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://billing.lchosting.se/application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:09:41 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 17 Mar 2023 12:49:07 GMT
server
nginx
etag
"641461c3-f15c"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-robots-tag
none
content-length
61788
x-xss-protection
1; mode=block
function-icons.png
billing.lchosting.se/
6 KB
6 KB
Image
General
Full URL
https://billing.lchosting.se/function-icons.png
Requested by
Host: billing.lchosting.se
URL: https://billing.lchosting.se/application.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.0.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.0.108.65.clients.your-server.de
Software
nginx /
Resource Hash
7941eb17ec574d7abb3afe26dd3fa3de57f6d73a29705407c53b8a23f1bf149b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://billing.lchosting.se/application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:09:41 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 17 Mar 2023 15:14:14 GMT
server
nginx
etag
"641483c6-185d"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-robots-tag
none
content-length
6237
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| hljs function| haste_document function| haste object| app function| handlePop

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block