urlscan.io logo urlscan.io
SecurityTrails logo

app.x-hosting.cloud Open in urlscan Pro
2600:9000:26a0:5400:12:cba:4c00:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.x-hosting.cloud/
Effective URL: https://app.x-hosting.cloud/sign-in
Submission: On March 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2600:9000:26a0:5400:12:cba:4c00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.x-hosting.cloud.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 28th 2024. Valid for: a year.
This is the only time app.x-hosting.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2600:9000:26a0:5400:12:cba:4c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.x-hosting.cloud
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    172.67.175.26 (United States)

ASN13335 (CLOUDFLARENET, US)
tally.so
4    2600:9000:269f:8c00:7:2239:42c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.lindoai.com
2    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    142.250.31.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f106.1e100.net
www.google.com
1    2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    172.67.151.121 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking2.lindoai.com
2    142.250.31.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f147.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
10 x-hosting.cloud
app.x-hosting.cloud
72 KB
6 lindoai.com
cdn.lindoai.com
tracking2.lindoai.com
1 MB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 357
62 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
68 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
66 KB
1 gstatic.com
www.gstatic.com
199 KB
1 tally.so
tally.so — Cisco Umbrella Rank: 77629
11 KB
29 8
Domain Requested by
10 app.x-hosting.cloud app.x-hosting.cloud
4 www.google.com app.x-hosting.cloud
www.gstatic.com
4 cdn.lindoai.com app.x-hosting.cloud
2 tracking2.lindoai.com app.x-hosting.cloud
tracking2.lindoai.com
2 ajax.googleapis.com app.x-hosting.cloud
2 cdn.jsdelivr.net app.x-hosting.cloud
1 www.googletagmanager.com app.x-hosting.cloud
1 www.gstatic.com www.google.com
1 tally.so app.x-hosting.cloud
29 9

This site contains links to these domains. Also see Links.

Domain
www.lindoai.com
Subject Issuer Validity Valid
app.x-hosting.cloud
Amazon RSA 2048 M02		 2024-03-28 -
2025-04-26		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
tally.so
GTS CA 1P5		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.lindoai.com
Amazon RSA 2048 M02		 2023-12-08 -
2025-01-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
lindoai.com
GTS CA 1P5		 2024-02-21 -
2024-05-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.x-hosting.cloud/sign-in
Frame ID: B240197EF6E81928A5D6F1F49D99C1E3
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIBEwoAAAAABK607uQY_bfGcCjj-vdWM9t8vMA&co=aHR0cHM6Ly9hcHAueC1ob3N0aW5nLmNsb3VkOjQ0Mw..&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=2c6yr9oslk6k
Frame ID: CF4CED49D36D58F15171B6D91F7857D0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0ShkpAAAAAD9phjhabkLd6RMYNukQGptMJCEO&co=aHR0cHM6Ly9hcHAueC1ob3N0aW5nLmNsb3VkOjQ0Mw..&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=normal&cb=uzgtpxkb7894
Frame ID: B9AE6DA4644B116B03D6DFDA18E31383
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in

Page URL History Show full URLs

  1. https://app.x-hosting.cloud/ Page URL
  2. https://app.x-hosting.cloud/sign-in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

29
Requests

93 %
HTTPS

60 %
IPv6

8
Domains

9
Subdomains

11
IPs

1
Countries

1665 kB
Transfer

2862 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.x-hosting.cloud/ Page URL
  2. https://app.x-hosting.cloud/sign-in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.x-hosting.cloud/ 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f9ff4f0856e12565a76844407481078a6e372f12dc48ca00cfae930e09938c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 29 Mar 2024 01:13:21 GMT
etag
W/"2b9419d582b8abd8cd5a78ac76f7ef53"
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-amz-cf-id
gLgll7blf1M2ARzPVUyf0jC632agTvftV3aHECRaPPFR28-7t5wsWg==
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
branding.js
app.x-hosting.cloud/assets/js/ 		683 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/js/branding.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e9e56580c09ad92b7c056a000102e9a7e4f38f7a26a096421574a5dc521e655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:22 GMT
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
683
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
"3746c01b711f2e5cec985131233ddd65"
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
VF6dP8-dBhrTUJ7U0U-KCzK-gG2ZR5LKTE1x_BymGPqb0y7V7SooiA==
tabler-icons.min.css
cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/ 		199 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/tabler-icons.min.css
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f14b2b4013c344184f8698bd7f7300c9d76fa7088a16c104e038bcfe1ee3085b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 29 Mar 2024 01:13:21 GMT
x-content-type-options
nosniff
content-encoding
br
age
42662
x-jsd-version
2.47.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34689
x-served-by
cache-fra-etou8220071-FRA, cache-mia-kmia1760068-MIA
x-jsd-version-type
version
etag
W/"31bad-JWlZFV97h69ICfrHgoGy5Zr3pMA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
newapp.css
app.x-hosting.cloud/assets/css/ 		97 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/css/newapp.css
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9298d6c50abbd99d0b00ad045f4f15fe07b532b59e05658dccb621971ce448e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:22 GMT
content-encoding
gzip
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
W/"240e840c7b5d2aef04148afe76059099"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
lpCHS_2LA0bF1960pQ7ZYxKPaNUvt4WeYlA_f_2JHvcIDRDYt-H2rg==
embed.js
tally.so/widgets/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tally.so/widgets/embed.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1599ca836532367d59ff5f8feec04f61de0cdd74e98444e71ba672673e34a2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Mar 2024 10:17:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2217
etag
W/"77f8-18e751d6320"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JGYB4JciZE7lzxLwutkmwRP%2FwmZF%2FFKK2ZgjQT36TdtmylChYU83z%2BSshXcKqQwXXY2dzLhofwLrJYusJgjZaMYomZ%2FBe4grRkJt0LJhv0uWSdEO%2F0l8kOD9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400, stale-while-revalidate
cf-ray
86bbff33ab7374c8-MIA
alt-svc
h3=":443"; ma=86400
auth.js
app.x-hosting.cloud/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/js/auth.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7e6847636d9e5377fdd48d48b3219b05cafc9e0c4983438460c7e4c9e9adbfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:22 GMT
content-encoding
gzip
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
W/"70e9d8df9e252154efdaed377b756627"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
CHf4KVanC0ERaIwfYmAvUGvRDk92MPekBf2DfPGCoqUyhClurZJjyQ==
start-welcome.svg
cdn.lindoai.com/image/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lindoai.com/image/start-welcome.svg
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:8c00:7:2239:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c111591ec9bd267d0ff5e1ccd5dcacb722eed6b85135d60591e3d3a1e760ea22

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 21:37:23 GMT
x-amz-version-id
EOYDHk35aOIzLnCibU_jfShRpPH1oLuP
content-encoding
br
last-modified
Thu, 28 Mar 2024 13:21:07 GMT
server
AmazonS3
via
1.1 19298b403c16e472e8e1bf4122960db4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
etag
W/"d45d21ff7d4fdf4e698bcaf28684c765"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
age
12958
x-amz-cf-id
Od18765GyhpBEB-8MOW-78k5X-hC3VjS01Q5fGFMfPdAVvCyPUCtEA==
loading-transparent.svg
cdn.lindoai.com/image/ 		639 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lindoai.com/image/loading-transparent.svg
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:8c00:7:2239:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b017e6ea662e14b99c96c743e9e1b32a1079786eb9b8d48cc85312f51c387fcd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 21:37:24 GMT
x-amz-version-id
ePfE_8qYxSxDsY4_xtAhx1Y1X24ZiUDw
via
1.1 19298b403c16e472e8e1bf4122960db4.cloudfront.net (CloudFront)
last-modified
Thu, 28 Mar 2024 13:21:07 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
12958
etag
"a516b72b5cfe259e91f0070c437524b9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
639
x-amz-cf-id
aJzrdLP8PgdNXHLLkPEaGqLvzYR8ABrikev655WAPE93BjPorAYQQw==
preline2.js
app.x-hosting.cloud/assets/js/ 		58 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/js/preline2.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:22 GMT
content-encoding
gzip
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
W/"119f7baf99020d5c906fc37b16ece0b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
v5-rTBjqXjWwNJGKmAupBrLB3lpIRvVH6y7chrBuNfvBDZCdek4hBA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31191
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 02:00:18 GMT
global.js
app.x-hosting.cloud/assets/js/ 		0
0
workspace.js
app.x-hosting.cloud/assets/js/ 		0
0
Primary Request sign-in
app.x-hosting.cloud/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/sign-in
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/assets/js/auth.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0965d6b33d7bf7b3020389cca81e06bc44d1772631d8df4c9acd1363a3741586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.x-hosting.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 29 Mar 2024 01:13:22 GMT
etag
W/"e9184d1d78e46974ca54d12de0d1b0d0"
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-amz-cf-id
QmBmJN0EBaSfSniphyXx2RLXyoD1duxjtAjn-RMOUO3-5pxJD5SUDg==
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
branding.js
app.x-hosting.cloud/assets/js/ 		683 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/js/branding.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e9e56580c09ad92b7c056a000102e9a7e4f38f7a26a096421574a5dc521e655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/sign-in
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:23 GMT
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
683
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
"3746c01b711f2e5cec985131233ddd65"
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
A_bphDxwgs26POTeMJP54IxCZsZBVZblSnL3DsGeoUyEoQNiUOUo6A==
tabler-icons.min.css
cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/ 		199 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/tabler-icons.min.css
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f14b2b4013c344184f8698bd7f7300c9d76fa7088a16c104e038bcfe1ee3085b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 29 Mar 2024 01:13:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
42663
x-jsd-version
2.47.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34689
x-served-by
cache-fra-etou8220071-FRA, cache-mia-kmia1760068-MIA
x-jsd-version-type
version
etag
W/"31bad-JWlZFV97h69ICfrHgoGy5Zr3pMA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
newapp.css
app.x-hosting.cloud/assets/css/ 		97 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/css/newapp.css
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9298d6c50abbd99d0b00ad045f4f15fe07b532b59e05658dccb621971ce448e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/sign-in
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:23 GMT
content-encoding
gzip
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
W/"240e840c7b5d2aef04148afe76059099"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
YD7rodOWgvOf4dDNoTtoWn_VX7qJSEMSBrRgMhfGmegWRucpcVS8sw==
enterprise.js
www.google.com/recaptcha/ 		1 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LcIBEwoAAAAABK607uQY_bfGcCjj-vdWM9t8vMA
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f106.1e100.net
Software
GSE /
Resource Hash
a2dfc8355467d5df6e00376456ea3c81d000a7b5e5a900ef24ae0682b43dbf89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Mar 2024 01:13:22 GMT
api.js
www.google.com/recaptcha/ 		1 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f106.1e100.net
Software
GSE /
Resource Hash
15347086a4c3f7a12d7ae800fa711b988a1c1c1572262d53b9295d1e1a089e8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Mar 2024 01:13:22 GMT
preline2.js
app.x-hosting.cloud/assets/js/ 		58 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/js/preline2.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96624f7478fa9b00b080f1a1b4dc93c38a8dff563812c60ca4657983b523d97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/sign-in
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:23 GMT
content-encoding
gzip
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
W/"119f7baf99020d5c906fc37b16ece0b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
nKQoR77c8778er9ACNmEVNkPDVtuj4PvFii-YArF_UA8rdSSlKooRQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31191
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 02:00:18 GMT
sign-in.js
app.x-hosting.cloud/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.x-hosting.cloud/assets/js/sign-in.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:5400:12:cba:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffd8dabdd56e37f50183e82b37ebdf252aadabe1b5843e2d41be4ba06c6b3ca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/sign-in
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:23 GMT
content-encoding
gzip
via
1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 13:20:58 GMT
server
AmazonS3
etag
W/"0ae11e44a1327d2c11fc0bfff4ab5d98"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
IupZNy8XcpQdYXn4nSZNxPTkuv31jSU_PnTkO-rkcHBa0IssXK6AZA==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/ 		499 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcIBEwoAAAAABK607uQY_bfGcCjj-vdWM9t8vMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3756825df5194a174b7a55ebd3b484c276766eef21343d34b053b98ed386801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
Origin
https://app.x-hosting.cloud
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 00:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203410
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 04:00:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Mar 2025 00:11:35 GMT
gtm.js
www.googletagmanager.com/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WCPBCST
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1cb44bd1bf2a15e125d8aab7281869ba9b88071e61b35e6e7a4c7d8b44324735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67042
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 00:30:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Mar 2024 01:13:22 GMT
app.x-hosting.cloud.png
cdn.lindoai.com/image/whitelabel/logo/ 		626 KB
627 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lindoai.com/image/whitelabel/logo/app.x-hosting.cloud.png
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:8c00:7:2239:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e0909e26d9179f77005beee30833427da71f949ab0f8134307888f43e82d616

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:23 GMT
x-amz-version-id
Qc87z2PRAkfRVmle8QLU3I19YpaXUKfs
via
1.1 19298b403c16e472e8e1bf4122960db4.cloudfront.net (CloudFront)
last-modified
Thu, 28 Mar 2024 19:56:03 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
etag
"70760369db8b04dece00bfd23de06229"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
640928
x-amz-cf-id
M8sl97QzmlsSYxHNXQA33EXhAoiBtEmt4ESRwTecP4aAWkDEEJ_RZw==
matomo.js
tracking2.lindoai.com/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking2.lindoai.com/matomo.js
Requested by
Host: app.x-hosting.cloud
URL: https://app.x-hosting.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7016
cf-polished
origSize=66607
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Feb 2024 16:43:30 GMT
server
cloudflare
etag
W/"1042f-61146181b7612"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaWYY77F9eY2A4bAtJAxt8wpGKs3eN4gaHSsXCWaB2vbUvOQ4J%2BuHG5wrI5yAC0%2FsvYXdkkhi3B0Zn5uPZ2NDRyWkz8iJ6wBZeXaLs56RUsTreGksvzua5gRPjTYnuO4506vwawNE7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
86bbff3f58d07449-MIA
anchor
www.google.com/recaptcha/api2/ Frame CF4C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIBEwoAAAAABK607uQY_bfGcCjj-vdWM9t8vMA&co=aHR0cHM6Ly9hcHAueC1ob3N0aW5nLmNsb3VkOjQ0Mw..&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=2c6yr9oslk6k
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f147.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aRdKq9IwwHSqQQD1iaII1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.x-hosting.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aRdKq9IwwHSqQQD1iaII1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Mar 2024 01:13:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame B9AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0ShkpAAAAAD9phjhabkLd6RMYNukQGptMJCEO&co=aHR0cHM6Ly9hcHAueC1ob3N0aW5nLmNsb3VkOjQ0Mw..&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=normal&cb=uzgtpxkb7894
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f147.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tWe618IhJWqHvOZ_DIQWgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.x-hosting.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tWe618IhJWqHvOZ_DIQWgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Mar 2024 01:13:23 GMT
expires
Fri, 29 Mar 2024 01:13:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
matomo.php
tracking2.lindoai.com/ 		0
414 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking2.lindoai.com/matomo.php?action_name=Sign%20in&idsite=2&rec=1&r=811954&h=15&m=13&s=23&url=https%3A%2F%2Fapp.x-hosting.cloud%2Fsign-in&urlref=https%3A%2F%2Fapp.x-hosting.cloud%2F&_id=6d44e4cdff4ea5cb&_idn=1&send_image=0&_refts=0&pv_id=aJ7UAh&pf_net=0&pf_srv=419&pf_tfr=2&pf_dm1=544&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.86%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.86%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=800x600
Requested by
Host: tracking2.lindoai.com
URL: https://tracking2.lindoai.com/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 29 Mar 2024 01:13:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lW5pVbjnTCVG56hSFu2bomeGpWaDjJLdGXyRI3HdWeu%2Bgqm%2BUdPo3L4wk5x9wLlZ3GFzjEik%2FwjJ98vXxS9jF50p2sAanXL5UK9Ck%2FV9hb519CHTBVJvKfRVl88fSUOq%2FYpGRCOJPv4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.x-hosting.cloud
access-control-allow-credentials
true
cf-ray
86bbff3fe9b07449-MIA
alt-svc
h3=":443"; ma=86400
app.x-hosting.cloud.png
cdn.lindoai.com/image/whitelabel/favicon/ 		531 KB
532 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.lindoai.com/image/whitelabel/favicon/app.x-hosting.cloud.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:8c00:7:2239:42c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cba633b500057fbff535118d16e79232cacf390120b62f6e6ffc906a190c659a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://app.x-hosting.cloud/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 01:13:24 GMT
x-amz-version-id
XYT_aZ9BRUPjjxVh7AavkV6n.UgiDhoh
via
1.1 19298b403c16e472e8e1bf4122960db4.cloudfront.net (CloudFront)
last-modified
Thu, 28 Mar 2024 19:56:05 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
etag
"ee06403d6741cd974ded0f0bad93b6fb"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
543516
x-amz-cf-id
Mlpr_A6_1QE_-a1WCqIM7R2QJhJTl971YC8WhO4ncM5pRxSgMfEqjQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.x-hosting.cloud
URL
https://app.x-hosting.cloud/assets/js/global.js
Domain
app.x-hosting.cloud
URL
https://app.x-hosting.cloud/assets/js/workspace.js

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onpagereveal object| link object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer object| HSAccordion object| HSCollapse object| HSDropdown object| HSOverlay object| HSRemoveElement object| HSScrollspy object| HSTabs object| HSTooltip function| $ function| jQuery function| isValidEmail function| logout object| google_tag_manager object| google_tag_data object| _paq object| recaptcha object| closure_lm_120593 object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

2 Cookies

Domain/Path Name / Value
app.x-hosting.cloud/ Name: _pk_id.2.829e
Value: 6d44e4cdff4ea5cb.1711674803.
app.x-hosting.cloud/ Name: _pk_ses.2.829e
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.x-hosting.cloud
cdn.jsdelivr.net
cdn.lindoai.com
tally.so
tracking2.lindoai.com
www.google.com
www.googletagmanager.com
www.gstatic.com
app.x-hosting.cloud
142.250.31.106
142.250.31.147
172.67.151.121
172.67.175.26
2600:9000:269f:8c00:7:2239:42c0:93a1
2600:9000:26a0:5400:12:cba:4c00:93a1
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c19::61
2a04:4e42:200::485
0965d6b33d7bf7b3020389cca81e06bc44d1772631d8df4c9acd1363a3741586
15347086a4c3f7a12d7ae800fa711b988a1c1c1572262d53b9295d1e1a089e8a
1cb44bd1bf2a15e125d8aab7281869ba9b88071e61b35e6e7a4c7d8b44324735
2e0909e26d9179f77005beee30833427da71f949ab0f8134307888f43e82d616
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874
4f9ff4f0856e12565a76844407481078a6e372f12dc48ca00cfae930e09938c4
9298d6c50abbd99d0b00ad045f4f15fe07b532b59e05658dccb621971ce448e0
96624f7478fa9b00b080f1a1b4dc93c38a8dff563812c60ca4657983b523d97e
9e9e56580c09ad92b7c056a000102e9a7e4f38f7a26a096421574a5dc521e655
a2dfc8355467d5df6e00376456ea3c81d000a7b5e5a900ef24ae0682b43dbf89
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
aa1599ca836532367d59ff5f8feec04f61de0cdd74e98444e71ba672673e34a2
b017e6ea662e14b99c96c743e9e1b32a1079786eb9b8d48cc85312f51c387fcd
c111591ec9bd267d0ff5e1ccd5dcacb722eed6b85135d60591e3d3a1e760ea22
cba633b500057fbff535118d16e79232cacf390120b62f6e6ffc906a190c659a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f14b2b4013c344184f8698bd7f7300c9d76fa7088a16c104e038bcfe1ee3085b
f3756825df5194a174b7a55ebd3b484c276766eef21343d34b053b98ed386801
f7e6847636d9e5377fdd48d48b3219b05cafc9e0c4983438460c7e4c9e9adbfd
ffd8dabdd56e37f50183e82b37ebdf252aadabe1b5843e2d41be4ba06c6b3ca0