www.pay.shsbooking.com Open in urlscan Pro
185.197.162.34  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.pay.shsbooking.com/	8 KB 3 KB	420ms 368ms	Document text/html	185.197.162.34 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://www.pay.shsbooking.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.197.162.34 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps13413.ua-hosting.company Software Apache/2.4.29 (Ubuntu) / Resource Hash cac9b1c9a9bd073092b6660a490081fc3ac84ebdca6913e0b1df101ff3cf2e72 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Content-Encoding gzip Content-Length 2788 Content-Type text/html; charset=utf-8 Date Sat, 08 Apr 2023 01:01:25 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Last-Modified Sat, 08 Apr 2023 01:01:25 GMT P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache/2.4.29 (Ubuntu) Strict-Transport-Security max-age=31536000; preload Vary Accept-Encoding
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	57ms 11ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: www.pay.shsbooking.com URL: https://www.pay.shsbooking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer https://www.pay.shsbooking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 08 Apr 2023 01:01:25 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 13:47:02 GMT server nginx etag W/"62f659d6-15d84" vary Accept-Encoding x-hw 1680915685.dop239.fr8.t,1680915685.cds232.fr8.hn,1680915685.cds327.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H/1.1	200 OK	ajax_load_content.js Show response www.pay.shsbooking.com/js/	58 KB 14 KB	19ms 19ms	Script application/javascript	185.197.162.34 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://www.pay.shsbooking.com/js/ajax_load_content.js Requested by Host: www.pay.shsbooking.com URL: https://www.pay.shsbooking.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.197.162.34 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps13413.ua-hosting.company Software Apache/2.4.29 (Ubuntu) / Resource Hash 8bba071672a9d833137ea88cab0930bce54a75bc70f381dc6e26d31cf69a6fa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.pay.shsbooking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sat, 08 Apr 2023 01:01:25 GMT Strict-Transport-Security max-age=31536000; preload Content-Encoding gzip Last-Modified Sun, 23 May 2021 12:12:03 GMT Server Apache/2.4.29 (Ubuntu) ETag "e9f8-5c2fe33690850-gzip" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13487
GET H/1.1	200 OK	style.php www.pay.shsbooking.com/	19 KB 4 KB	86ms 56ms	Stylesheet text/css	185.197.162.34 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Full URL https://www.pay.shsbooking.com/style.php? Requested by Host: www.pay.shsbooking.com URL: https://www.pay.shsbooking.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.197.162.34 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps13413.ua-hosting.company Software Apache/2.4.29 (Ubuntu) / Resource Hash 1273841bf57c501a8427f30b0d0849d6f549ff08ff5824fb588246856ae49904 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.pay.shsbooking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sat, 08 Apr 2023 01:01:25 GMT Strict-Transport-Security max-age=31536000; preload Content-Encoding gzip Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Content-Type text/css; charset=utf-8 Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 4039
GET H/1.1	200 OK	logo.gif www.pay.shsbooking.com/img/	4 KB 5 KB	15ms 15ms	Image image/gif	185.197.162.34 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.pay.shsbooking.com/img/logo.gif Requested by Host: www.pay.shsbooking.com URL: https://www.pay.shsbooking.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.197.162.34 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps13413.ua-hosting.company Software Apache/2.4.29 (Ubuntu) / Resource Hash 00df933306a3833abf7c1bb80a893df12fb95c5780e0919a4839656fea3967b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.pay.shsbooking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sat, 08 Apr 2023 01:01:25 GMT Strict-Transport-Security max-age=31536000; preload Last-Modified Sun, 23 May 2021 11:12:04 GMT Server Apache/2.4.29 (Ubuntu) ETag "1163-5c2fd5ce653b3" Content-Type image/gif Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4451
GET H/1.1	200 OK	Visa-MC.jpg www.pay.shsbooking.com/img/img-common/	5 KB 5 KB	19ms 16ms	Image image/jpeg	185.197.162.34 THREE-W-INFRA-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.pay.shsbooking.com/img/img-common/Visa-MC.jpg Requested by Host: www.pay.shsbooking.com URL: https://www.pay.shsbooking.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.197.162.34 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL), Reverse DNS vps13413.ua-hosting.company Software Apache/2.4.29 (Ubuntu) / Resource Hash e700fedd648915efa6d964c141bf88fc4cb01b72674504b3762ce7fe4ec5ad80 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.pay.shsbooking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sat, 08 Apr 2023 01:01:25 GMT Strict-Transport-Security max-age=31536000; preload Last-Modified Tue, 24 Jan 2017 08:18:47 GMT Server Apache/2.4.29 (Ubuntu) ETag "1439-546d2c3e207c0" Content-Type image/jpeg Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 5177

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| strpos function| load_ajax_loader function| load_loader function| seq_loaders function| load_ajax function| CheckFormFields function| inArray function| CheckSetOfFormFields function| GetFormByAjax function| PostFormByAjax function| PostObject2div function| PostFormLoader function| FormResultByAjax function| ConstructKVString function| load_window_open function| load_above function| ShowAnyDiv function| ChangeDivClass function| GoThruClasses function| ChangeDivSize function| ShowAnyDivPos function| HideAnyDiv function| DisplayDiv function| UndisplayDiv function| RevertDivDisplay function| GetDivHeight function| getStyleObject function| changeObjectVisibility function| ConstructAjaxString function| write2div function| alert2div function| alertAbove function| html2divAfter function| html2divBefore function| div_has_content function| number_format function| checkEnter function| getRefToDiv function| MoveDiv function| MoveDivSlide function| move_div_2leftpos function| move_belt_left function| move_belt_right function| slide_belt_right function| slide_belt_left function| slide_belt_2see function| dots_for_belt function| center_div function| center_vert_div function| align_mid function| center_2_window function| center_2_element function| valign_2_element function| BlinkDiv function| ExpandDivs function| MinimizeDivs function| select_text_of_input function| get_form_name function| next_in_set function| prev_in_set function| isNumber function| num2date function| disableEnterKey function| isOptionAlreadyExist function| addValueInSelect function| removeValueFromSelect function| emptySelect function| fill_in_seq_select function| printDiv function| trig_class function| line_up_heights function| line_up_widths function| line_up_real_widths function| printObjFunc function| scroll2element function| scroll2view function| expand_height function| expand_width function| hide_if_low function| hide_if_low_w function| get_object_vars function| sleepFor function| is_on_screen function| b64EncodeUTF function| arraySearch function| dates_seq_ok function| detectswipe function| images_on_scroll function| parallax_on_scroll

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pay.shsbooking.com/	1970-01-20 11:05:20	Name: PHPSESSID Value: tghv3ampu6opb7sc7122h22uq5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
www.pay.shsbooking.com
185.197.162.34
2001:4de0:ac18::1:a:3a
00df933306a3833abf7c1bb80a893df12fb95c5780e0919a4839656fea3967b2
1273841bf57c501a8427f30b0d0849d6f549ff08ff5824fb588246856ae49904
8bba071672a9d833137ea88cab0930bce54a75bc70f381dc6e26d31cf69a6fa4
cac9b1c9a9bd073092b6660a490081fc3ac84ebdca6913e0b1df101ff3cf2e72
e700fedd648915efa6d964c141bf88fc4cb01b72674504b3762ce7fe4ec5ad80
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d