Submitted URL: https://hostlogin.spcr.cloud/
Effective URL: https://hostlogin.spcr.cloud/login/
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 206.225.140.32, located in Clarksville, United States and belongs to CDELIGHTBAND, US. The main domain is hostlogin.spcr.cloud.
TLS certificate: Issued by R3 on August 9th 2023. Valid for: 3 months.
This is the only time hostlogin.spcr.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 206.225.140.32 40749 (CDELIGHTBAND)
10 1
Apex Domain
Subdomains
Transfer
11 spcr.cloud
hostlogin.spcr.cloud
234 KB
10 1
Domain Requested by
11 hostlogin.spcr.cloud 1 redirects hostlogin.spcr.cloud
10 1

This site contains no links.

Subject Issuer Validity Valid
hostlogin.spcr.cloud
R3
2023-08-09 -
2023-11-07
3 months crt.sh

This page contains 1 frames:

Primary Page: https://hostlogin.spcr.cloud/login/
Frame ID: 8610E12CEA326A614456A6CF545C8C00
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

LOGIN - hostlogin.spcr.cloud - Hestia Control Panel

Page URL History Show full URLs

  1. https://hostlogin.spcr.cloud/ HTTP 302
    https://hostlogin.spcr.cloud/login/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

233 kB
Transfer

383 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hostlogin.spcr.cloud/ HTTP 302
    https://hostlogin.spcr.cloud/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hostlogin.spcr.cloud/login/
Redirect Chain
  • https://hostlogin.spcr.cloud/
  • https://hostlogin.spcr.cloud/login/
2 KB
1014 B
Document
General
Full URL
https://hostlogin.spcr.cloud/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy nginx /
Resource Hash
6a20a12cf169e6210066815bdf83b6f7ddafd1328a74abdc8eded4891ae30dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 23:51:43 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Caddy nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 23:51:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/login/
pragma
no-cache
server
Caddy nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
default.min.css
hostlogin.spcr.cloud/css/themes/
115 KB
26 KB
Stylesheet
General
Full URL
https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
5ddb6500cc14dccb9d4da94831768132bac9a8a4779ff8bdc7695ad93f70898a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hostlogin.spcr.cloud/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
W/"64c805e3-1cae6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
dark.min.css
hostlogin.spcr.cloud/css/themes/
9 KB
2 KB
Stylesheet
General
Full URL
https://hostlogin.spcr.cloud/css/themes/dark.min.css?v=1.8.4
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
047595758511b9288e010e978bd8cd778f5042c9c9951b5f77f62f8e4368af9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hostlogin.spcr.cloud/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
W/"64c805e3-251a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
main.min.js
hostlogin.spcr.cloud/js/dist/
27 KB
8 KB
Script
General
Full URL
https://hostlogin.spcr.cloud/js/dist/main.min.js?v=1.8.4
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
254a27dd92dccdfd20670cc526943a3ab4a8da2b8bac735670007cd720512d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hostlogin.spcr.cloud/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
W/"64c805e3-6c22"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
alpinejs.min.js
hostlogin.spcr.cloud/js/dist/
41 KB
15 KB
Script
General
Full URL
https://hostlogin.spcr.cloud/js/dist/alpinejs.min.js?v=1.8.4
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
5e6475a431449bf063478078504f07eba82239a49e7af37b2c6afe36943bcf04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hostlogin.spcr.cloud/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
W/"64c805e3-a547"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
logo.svg
hostlogin.spcr.cloud/images/
9 KB
2 KB
Image
General
Full URL
https://hostlogin.spcr.cloud/images/logo.svg
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
20ee2f4e87a1700333f798fe6c249a80e93a32f2727cfe1b8c778c5486b06443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hostlogin.spcr.cloud/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
W/"64c805e3-25ce"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
exo-v20-latin-500.woff2
hostlogin.spcr.cloud/webfonts/
11 KB
11 KB
Font
General
Full URL
https://hostlogin.spcr.cloud/webfonts/exo-v20-latin-500.woff2
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
206c794cda92fa4655a22f68e2d47b45fb43709ae9ba8edd5bb484747281f189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Origin
https://hostlogin.spcr.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
"64c805e3-2af4"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
10996
x-xss-protection
1; mode=block
exo-v20-latin-600.woff2
hostlogin.spcr.cloud/webfonts/
11 KB
11 KB
Font
General
Full URL
https://hostlogin.spcr.cloud/webfonts/exo-v20-latin-600.woff2
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
25e823b1c8402ee969c810ec775339097687d5fbf27a539850f4157afbd067f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Origin
https://hostlogin.spcr.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
"64c805e3-2b58"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
11096
x-xss-protection
1; mode=block
fa-solid-900.woff2
hostlogin.spcr.cloud/webfonts/
147 KB
147 KB
Font
General
Full URL
https://hostlogin.spcr.cloud/webfonts/fa-solid-900.woff2
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Origin
https://hostlogin.spcr.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
"64c805e3-24a6c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
150124
x-xss-protection
1; mode=block
exo-v20-latin-regular.woff2
hostlogin.spcr.cloud/webfonts/
11 KB
11 KB
Font
General
Full URL
https://hostlogin.spcr.cloud/webfonts/exo-v20-latin-regular.woff2
Requested by
Host: hostlogin.spcr.cloud
URL: https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.225.140.32 Clarksville, United States, ASN40749 (CDELIGHTBAND, US),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
7fd9420e33e5fc0b07c163487641c653fcbb13ed932affa2ce3caffbd60893ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hostlogin.spcr.cloud/css/themes/default.min.css?v=1.8.4
Origin
https://hostlogin.spcr.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 23:51:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 19:05:07 GMT
server
Caddy, nginx
etag
"64c805e3-2b5c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
11100
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Alpine

1 Cookies

Domain/Path Name / Value
hostlogin.spcr.cloud/ Name: PHPSESSID
Value: a68kcqc7hn8mip8ig99pktjb1o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block