urlscan.io logo urlscan.io
SecurityTrails logo

barshow.com.ua Open in urlscan Pro
5.9.177.94  Public Scan

Go To Rescan Add Verdict Report
URL: http://barshow.com.ua/media/excel/excel/home.php?cmd=login_submit&id=mtmxnja5odu0ng==mtmxnja5odu0ng==&session=mtmxnja5...
Submission: On September 13 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 7 HTTP transactions. The main IP is 5.9.177.94, located in Germany and belongs to HETZNER-AS, DE. The main domain is barshow.com.ua.
This is the only time barshow.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 5.9.177.94 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 3
Apex Domain
Subdomains		 Transfer
4 barshow.com.ua
barshow.com.ua
204 KB
2 gstatic.com
fonts.gstatic.com
91 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
1011 B
7 3
Domain Requested by
4 barshow.com.ua barshow.com.ua
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com barshow.com.ua
7 3

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://barshow.com.ua/media/excel/excel/home.php?cmd=login_submit&id=mtmxnja5odu0ng==mtmxnja5odu0ng==&session=mtmxnja5odu0ng==mtmxnja5odu0ng==
Frame ID: 6455D7201A735135DC30C63BB59A077F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Secured Document - Sign in to continue

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

7
Requests

43 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

296 kB
Transfer

298 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.php
barshow.com.ua/media/excel/excel/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://barshow.com.ua/media/excel/excel/home.php?cmd=login_submit&id=mtmxnja5odu0ng==mtmxnja5odu0ng==&session=mtmxnja5odu0ng==mtmxnja5odu0ng==
Protocol
HTTP/1.1
Server
5.9.177.94 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.94.177.9.5.clients.your-server.de
Software
nginx / PHP/5.6.40
Resource Hash
af583315f2a090cbe6fce2b92ba0e52aa75d461e53f4eb3b8860595342ae2aeb
Security Headers
Name Value
Strict-Transport-Security max-age=15072000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
721
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Sep 2022 01:04:33 GMT
Server
nginx
Strict-Transport-Security
max-age=15072000; includeSubdomains; preload
Vary
Accept-Encoding,User-Agent
X-Edge-Location
FR F3
X-Powered-By
PHP/5.6.40
styles.css
barshow.com.ua/media/excel/excel/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://barshow.com.ua/media/excel/excel/css/styles.css
Requested by
Host: barshow.com.ua
URL: http://barshow.com.ua/media/excel/excel/home.php?cmd=login_submit&id=mtmxnja5odu0ng==mtmxnja5odu0ng==&session=mtmxnja5odu0ng==mtmxnja5odu0ng==
Protocol
HTTP/1.1
Server
5.9.177.94 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.94.177.9.5.clients.your-server.de
Software
nginx /
Resource Hash
657e9cb0d0c36711f90fc7c43f3ef7529c075d8c2334add5ff911ee40d719545
Security Headers
Name Value
Strict-Transport-Security max-age=15072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://barshow.com.ua/media/excel/excel/home.php?cmd=login_submit&id=mtmxnja5odu0ng==mtmxnja5odu0ng==&session=mtmxnja5odu0ng==mtmxnja5odu0ng==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 13 Sep 2022 01:04:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Accept-Encoding
Last-Modified
Wed, 07 Sep 2022 07:55:28 GMT
Server
nginx
X-Edge-Location
FR F3
ETag
W/"63184e70-cd4"
Strict-Transport-Security
max-age=15072000; includeSubdomains; preload
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 20 Sep 2022 01:04:34 GMT
acc.png
barshow.com.ua/media/excel/excel/img/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://barshow.com.ua/media/excel/excel/img/acc.png
Requested by
Host: barshow.com.ua
URL: http://barshow.com.ua/media/excel/excel/home.php?cmd=login_submit&id=mtmxnja5odu0ng==mtmxnja5odu0ng==&session=mtmxnja5odu0ng==mtmxnja5odu0ng==
Protocol
HTTP/1.1
Server
5.9.177.94 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.94.177.9.5.clients.your-server.de
Software
nginx /
Resource Hash
1d2ddab841292b844fabb74ed66ca48d376cbbe95be802dc599928496d1c30ab
Security Headers
Name Value
Strict-Transport-Security max-age=15072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://barshow.com.ua/media/excel/excel/home.php?cmd=login_submit&id=mtmxnja5odu0ng==mtmxnja5odu0ng==&session=mtmxnja5odu0ng==mtmxnja5odu0ng==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 13 Sep 2022 01:04:34 GMT
Last-Modified
Wed, 07 Sep 2022 07:55:28 GMT
Server
nginx
X-Edge-Location
FR F3
ETag
"63184e70-142f4"
Strict-Transport-Security
max-age=15072000; includeSubdomains; preload
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82676
Expires
Thu, 13 Oct 2022 01:04:34 GMT
css
fonts.googleapis.com/ 		2 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: barshow.com.ua
URL: http://barshow.com.ua/media/excel/excel/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://barshow.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 23:43:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 13 Sep 2022 01:05:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Sep 2022 01:05:56 GMT
pdf.png
barshow.com.ua/media/excel/excel/img/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://barshow.com.ua/media/excel/excel/img/pdf.png
Requested by
Host: barshow.com.ua
URL: http://barshow.com.ua/media/excel/excel/css/styles.css
Protocol
HTTP/1.1
Server
5.9.177.94 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.94.177.9.5.clients.your-server.de
Software
nginx /
Resource Hash
5f276219e583da1ae509944bcbfd7890c98bc80666936a8aa7869d6c4bf09436
Security Headers
Name Value
Strict-Transport-Security max-age=15072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://barshow.com.ua/media/excel/excel/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 13 Sep 2022 01:04:34 GMT
Last-Modified
Wed, 07 Sep 2022 07:55:28 GMT
Server
nginx
X-Edge-Location
FR F3
ETag
"63184e70-1e08f"
Strict-Transport-Security
max-age=15072000; includeSubdomains; preload
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
123023
Expires
Thu, 13 Oct 2022 01:04:34 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://barshow.com.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:26:54 GMT
x-content-type-options
nosniff
age
452342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:26:54 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://barshow.com.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:26:32 GMT
x-content-type-options
nosniff
age
452364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:26:32 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15072000; includeSubdomains; preload