paysecure.bluesunhotels.com Open in urlscan Pro
2606:4700:20::ac43:4763 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://paysecure.bluesunhotels.com/
Effective URL:
https://paysecure.bluesunhotels.com/HR/Login/Login
Submission: On July 09 via automatic, source certstream-suspicious (July 9th 2024, 9:00:48 pm UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::ac43:4763, located in United States and belongs to CLOUDFLARENET, US. The main domain is paysecure.bluesunhotels.com.
TLS certificate: Issued by GTS CA 1P5 on May 30th 2024. Valid for: 3 months.

This is the only time paysecure.bluesunhotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:20:... 2606:4700:20::ac43:4763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
15	3

14 2606:4700:20::ac43:4763 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paysecure.bluesunhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	bluesunhotels.com 1 redirects paysecure.bluesunhotels.com	472 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	1 KB
15	3

	Domain	Requested by
14	paysecure.bluesunhotels.com	1 redirects paysecure.bluesunhotels.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	paysecure.bluesunhotels.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
bluesunhotels.com GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paysecure.bluesunhotels.com/HR/Login/Login
Frame ID: EDD77E21AE239B51EE49DB7753834164
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blue Sun Hotels & Resorts | Prijavi se

Page URL History Show full URLs

https://paysecure.bluesunhotels.com/ HTTP 302
https://paysecure.bluesunhotels.com/HR/Login/Login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

503 kB
Transfer

1123 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://paysecure.bluesunhotels.com/ HTTP 302
https://paysecure.bluesunhotels.com/HR/Login/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
paysecure.bluesunhotels.com/HR/Login/
Redirect Chain

https://paysecure.bluesunhotels.com/
https://paysecure.bluesunhotels.com/HR/Login/Login

7 KB
3 KB

82ms
82ms

Document
text/html

2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paysecure.bluesunhotels.com/HR/Login/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fca8996cd79eb95d1d14bfa715d4c78f452c1414140c11d6fb3c4eb05442d390

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8a0b3eb9d9c49247-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2024 21:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=krYNmK1nBjjq%2Bu%2BVpOMh83txDTXOXXaV9mTudUk%2B5kzxnvMnv9F5%2FEis%2Bgp1Ag88HY5Z%2FCW1h3STSmZLD5IvklPhj5sSrz%2BxN3fvZCjaGX6v6B7oKIYgoWbWmxl7aY80apzVX6%2Bfcm8hIbYEFwfR2RCakkrniAGk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8a0b3eb9690b9247-FRA
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2024 21:00:41 GMT
location: /HR/Login/Login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NkJaLzDw7%2BC55DVpRRxp4GzdQ0ggOTyzVCSKvblqEX68HEtctQLCC%2FXTOLBKXNR5p3pWFYP7UW9p7R%2B7MiO62SOzaMFB5Dvhl09cnnWU%2FDvKGgFCDHPQ3%2FSkoqVuU5Z3PxvnQ28wLBSNcn1tS4oUSht%2FHjop%2BSTK%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 94ms
36ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600&display=swap

Requested by

Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/HR/Login/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

106a2b17d986945b30695df31a0ae50fcc26acb5e97bf4aaa8f0e787da38e533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paysecure.bluesunhotels.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 21:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 20:48:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 21:00:42 GMT

GET
H2 200 bootstrap.min.css
paysecure.bluesunhotels.com/css/ 118 KB
27 KB 933ms
932ms Stylesheet
text/css 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/css/bootstrap.min.css
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/HR/Login/Login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 22 May 2024 06:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6e55eabfacda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WhCSYV3N4n3A9BZLU7LkZfH%2B51LDIXTwOaqDyB4WXyDYU7SDUC8IogCcqnIPl92sKQwfz4vj9Ty0tyMMWKcn2AonDaMFvjStuqcJ2BMSOJIkF8s2CGeYjKs%2FMgP8nfQ0LU7pVa5Hx9dFrGuKmYBMrhk6EtZ3PdtxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0b3eba6a649247-FRA
content-length: 27695

GET
H2 200 style.css
paysecure.bluesunhotels.com/css/ 134 KB
29 KB 205ms
204ms Stylesheet
text/css 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/css/style.css?ver=01
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/HR/Login/Login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe504150c76810e89c3262254951b8ae61ff875bbd2bcc291d213e936323fdc

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 01 Jul 2024 07:52:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c37bc3948bcbda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVcZwTEpAi5ztFGMwUltT4tJ%2F%2FmgPcLqrL4Prrrf9fFNxlRiFQrxJ7T16YQCr%2BPG%2FG83asoJJerFacZUDCUSasg%2BqRDWklWiwWirnK9RuO4dnCplZUvl4sdWF4BgiXpJxPh2brmAoXvOBqWoC6xPZjVX2B14n3zbiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0b3eba6a669247-FRA
content-length: 29305

GET
H2 200 logo.png
paysecure.bluesunhotels.com/layout/ 19 KB
20 KB 187ms
187ms Image
image/png 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paysecure.bluesunhotels.com/layout/logo.png?var=01
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/HR/Login/Login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6277b0774c86c1c344c605a09c4b08971c163ee47ea3b9ca02da0699d4edb7

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:42 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Jul 2024 07:52:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1846d7948bcbda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zHpJXHMSM00xrgn%2B5aQr325zhZGxye0l%2FfJOhCntBuCJbaYvgHLYWWWiwKE3VXxx%2BRpw6jiwT5u6RGJx5ub8QRqVGX1zisTtSov%2BWfHMz8r5kHCwbFF4zQxYf4Uxa2xLWRLSH5L9zQXyy5757SNhBaut9k2NfWoug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0b3eba6a679247-FRA
content-length: 19844

GET
H2 200 rocket-loader.min.js Show response
paysecure.bluesunhotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 28ms
28ms Script
application/javascript 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paysecure.bluesunhotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/HR/Login/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jul 2024 09:57:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66867220-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5haKWNT%2FSqmyyAbCrJ3QJcNLGoIQkQy9wMlw5qgfanKdPJoC3Qh9fM%2BHNkwOJ5IVMgK9FpGoCmuxm7eEoiSEL4Oa%2BchYCztSIzIDE7oj0sK0teZOb%2Bn75T8zGGTDpv0NGBHPH4fXhxS%2FTzfFPEK2HDLUsIA6wGiFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8a0b3eba7a759247-FRA
expires: Thu, 11 Jul 2024 21:00:41 GMT

GET
H2 200 init.js Show response
paysecure.bluesunhotels.com/js/ 10 KB
3 KB 435ms
434ms Script
application/javascript 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/js/init.js
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ebfbd9bcd51f137ebc9cbdefd8eeada7d2f81b805fafd289747250d60e212d4

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 12:14:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "27cc608f8bc8da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVCdTzDpE2Cv20H39J3mPXEPLnVDG5BuQ%2FIu71dUSo%2BmXgx0iUbvSNzy1wGn2gBOWpAPtuHl8pqo89QqAugbDwUrgKRKb1OuQsizIF5UfJrsSHikDV2C7%2F3dC2tfm3d6hQEyZwvKUFYYlmp8Gjwcfs4HRaTP5VMmNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0b3ec1ce2d9247-FRA
content-length: 3100

GET
H2 200 wstools.min.js Show response
paysecure.bluesunhotels.com/js/ 262 KB
99 KB 440ms
439ms Script
application/javascript 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/js/wstools.min.js
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8968eb8932e4d040f14265e886a81a41d9ff1f12cac7b6fd1e14ed998b640e

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 07:49:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "824b2fc88510da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FWPLmb6RO8hq9HkXmvBT%2F%2BnPn5tBr5JgLSU1V4A1M7rPPJbz%2FlHKU%2BiiNM7iqzqru4rnV2Wtxg4Q8U%2BiDR1jkCVIRKIE6lBiMv30cZIjLCw6KdKc%2BEz9yi4cC9yTTrq47RWNH9yhMOof2Umdix5mFKHDs7g2sO2Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0b3ec1ce309247-FRA

GET
H2 200 jqueryval Show response
paysecure.bluesunhotels.com/bundles/ 22 KB
9 KB 271ms
270ms Script
text/javascript 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/bundles/jqueryval?v=uAfBJfRvihXVS4ogzhnXA6SiBDLYYjMN4O2KifwGop01
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb236a4dcd0c5ca9d328670e42d77d089f3ae85a0b9f082fa07f41c3d5e52e0e

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Jul 2024 21:00:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s08t5K0tWOvU3BSKQAEmI%2BLbyjgxzOgZPu1GmhvDyzwG8evNa1xngNxquMWIqzTQRK2OtBUvljN01J7QYhslMKUtj%2BiGbC4PRbtRJUNQjmFRtIkox0%2BQs%2BfZiBezMFK6M6nYagiNbQUpjCAu3eGUiHG9wDsEWyTnKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 8a0b3ec1ce349247-FRA
content-length: 9271
expires: Wed, 09 Jul 2025 21:00:43 GMT

GET
H2 200 bootstrap Show response
paysecure.bluesunhotels.com/bundles/ 36 KB
13 KB 131ms
130ms Script
text/javascript 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/bundles/bootstrap?v=lescQEuG5u4jd-GcVDBcbpUOSyTDIg0Kk9zHDX55GCw1
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Jul 2024 21:00:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hAaiH3Tu%2FlZxWSF%2BXEIeU3hfHfGu%2BPPsQqRuuYLLcOdX9eAbytWrpUZ1Iedxu%2BXZdAPunTMq0v13JJJcnZiZ2z6F29E58IO3j9k7%2FhVVrHWwi9ZWdhGqFyUQ3CsbJVB3euTAUGXrkuGWHbndmujGf0At3K%2F6TgT3ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 8a0b3ec1ce369247-FRA
content-length: 12922
expires: Wed, 09 Jul 2025 21:00:43 GMT

GET
H2 200 jquery Show response
paysecure.bluesunhotels.com/bundles/ 333 KB
128 KB 338ms
337ms Script
text/javascript 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/bundles/jquery?v=7nEwkqWTDQ1KRuQOp0_zE-ifjiMfT6ZTrNJZO8A4Onw1
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82f57718316e8b55ad005f26648f1ef7ec9e93fff8c4a555312d80b4da83515

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Jul 2024 21:00:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNwrFZHqAsFj8GMwuM23XgAyFEcdJXUBE87pAxJ8Q56nFG9mCxlWt8EAlOt7W7KtPytzr1sq9q%2BmrIZdNjXaNnwimXS1m2Guab4zm1UVE2Zt6buG2PgrWept8Qz907XKy0PTgg59vNWjd0rPfa7oL7lj6vTxUPi0Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 8a0b3ec1ce3b9247-FRA
expires: Wed, 09 Jul 2025 21:00:43 GMT

GET
H2 200 bg-login.jpg
paysecure.bluesunhotels.com/layout/ 116 KB
116 KB 437ms
437ms Image
image/jpeg 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paysecure.bluesunhotels.com/layout/bg-login.jpg
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/css/style.css?ver=01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef0e1d397c82d6fcf51ab361debab120cf476f218e68e22f24aba4bba5030f3e

Request headers

Referer: https://paysecure.bluesunhotels.com/css/style.css?ver=01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 13:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "25b6d91ed0a6da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JeLSjQxn2yroKgJ1FVxmpQ13YBGP53clCmVbr82ewy6nyyAK%2BMDCqgqYLbPcP14g%2FPXqVKETBMmGSQS1O7j00AQMepoQvM4NtCJJ%2Fb5i5Pbrq69PtLdzbFbDAmhbzGjMYMVif1RrLeF7zQvO3YIfF5GSHEmI9YsUVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0b3ec1ce3c9247-FRA
content-length: 118304

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 331ms
204ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paysecure.bluesunhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:42:54 GMT
x-content-type-options: nosniff
age: 40669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:42:54 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
paysecure.bluesunhotels.com/fonts/ 18 KB
18 KB 429ms
428ms Font
application/font-woff2 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: paysecure.bluesunhotels.com
URL: https://paysecure.bluesunhotels.com/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://paysecure.bluesunhotels.com/css/bootstrap.min.css
Origin: https://paysecure.bluesunhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 07:49:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a91b1bc88510da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kV5%2BfN0AUNNbVBkAKZ9pimQpTXBxUN9ntxU8AaxuxptRm7hFka033iKpWRLOf%2BjGhKcFAsMws1JrCec0A9oKyzAVv8UcEq0uy6m9FEmmxfI4Cgst0IVK1z4CvYrFXSPg6rI2XcOnFNCiRPc1cpDtjR58ku1QYhM5Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0b3ec1ce3e9247-FRA
content-length: 18028

GET
H2 200 favicon-32x32.png
paysecure.bluesunhotels.com/layout/ 888 B
1 KB 89ms
88ms Other
image/png 2606:4700:20::ac43:4763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paysecure.bluesunhotels.com/layout/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acae21d077953f208d710a8e106824b8906c681530c28b4133807a8aae8841ae

Request headers

Referer: https://paysecure.bluesunhotels.com/HR/Login/Login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 21:00:43 GMT
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 13:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a2b5db1ed0a6da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tyPR5s1GywmIyOv1IuhDcV4MTLWoDHucHVt45JGl6ln%2B1i3DGAUeZi5NZ4b12YjW7GR41ZAljE%2F%2FKRIUe0gaiXnsM0OFW37HFRbuD9Rkel%2FUGkbxoRx%2B6VP7P4uD3nOp%2BYf8I3c8OPKX8Nvf9uhhozXywnR3ePpLDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0b3ec68e089247-FRA
content-length: 888

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			paysecure.bluesunhotels.com/	1970-01-21 06:41:34	Name: WSPayPP.CurrentLanguage Value: hr-HR
			paysecure.bluesunhotels.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: PjWbYE3LyEoBcugrRiIM8GMnMQ3wnb4tX9TtWeaKNO4NiO1gwwT1rmjFUq8B5NRhnlXJyTCxtA0W__eL5tdbw_zA3RDYnEpwaVfd9nIxKo81

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://paysecure.bluesunhotels.com/HR/Login/Login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
paysecure.bluesunhotels.com
2606:4700:20::ac43:4763
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2003
106a2b17d986945b30695df31a0ae50fcc26acb5e97bf4aaa8f0e787da38e533
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
4c6277b0774c86c1c344c605a09c4b08971c163ee47ea3b9ca02da0699d4edb7
4d8968eb8932e4d040f14265e886a81a41d9ff1f12cac7b6fd1e14ed998b640e
4ebfbd9bcd51f137ebc9cbdefd8eeada7d2f81b805fafd289747250d60e212d4
6fe504150c76810e89c3262254951b8ae61ff875bbd2bcc291d213e936323fdc
72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003
acae21d077953f208d710a8e106824b8906c681530c28b4133807a8aae8841ae
b82f57718316e8b55ad005f26648f1ef7ec9e93fff8c4a555312d80b4da83515
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef0e1d397c82d6fcf51ab361debab120cf476f218e68e22f24aba4bba5030f3e
fb236a4dcd0c5ca9d328670e42d77d089f3ae85a0b9f082fa07f41c3d5e52e0e
fca8996cd79eb95d1d14bfa715d4c78f452c1414140c11d6fb3c4eb05442d390
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

paysecure.bluesunhotels.com Open in urlscan Pro 2606:4700:20::ac43:4763 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

503 kBTransfer

1123 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

paysecure.bluesunhotels.com Open in urlscan Pro
2606:4700:20::ac43:4763 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

503 kB
Transfer

1123 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions