beds24.com Open in urlscan Pro
195.201.74.20  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://pilgrims.ostblox.de/ Page URL
2. https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ pilgrims.ostblox.de/	790 B 796 B	148ms 40ms	Document text/html	188.34.201.206 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pilgrims.ostblox.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 188.34.201.206 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS isp2.ostblox.de Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 453 Content-Type text/html Date Wed, 26 Jun 2024 00:11:28 GMT ETag "316-6177a3d367dfc-gzip" Keep-Alive timeout=5, max=200 Last-Modified Thu, 02 May 2024 15:27:20 GMT Server Apache Upgrade h2 Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request booking2.php Show response beds24.com/	490 KB 42 KB	272ms 180ms	Document text/html	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash 9f55c682572ce55a13078963b7f961c7221c3f6bcec50e7bf25b2cd94f3f1964 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://pilgrims.ostblox.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 42592 Content-Type text/html; charset=utf-8 Date Wed, 26 Jun 2024 00:11:28 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=3, max=100 Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	favicon.ico pilgrims.ostblox.de/	5 KB 6 KB	41ms 41ms	Other image/vnd.microsoft.icon	188.34.201.206 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pilgrims.ostblox.de/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 188.34.201.206 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS isp2.ostblox.de Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pilgrims.ostblox.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Last-Modified Mon, 17 Jul 2023 11:25:02 GMT Server Apache ETag "1536-600ad0caa8048" Content-Type image/vnd.microsoft.icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=199 Content-Length 5430
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response beds24.com/include/jquery/	95 KB 33 KB	151ms 67ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/jquery/jquery-1.12.4.min.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Mon, 05 Mar 2018 09:50:00 GMT Server Apache ETag "17b8b-566a73fd44200-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 33760
GET H/1.1	200 OK	bootstrap.min.js Show response beds24.com/include/bootstrap/3.3.4/js/	35 KB 10 KB	149ms 65ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/3.3.4/js/bootstrap.min.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Mon, 13 Apr 2015 09:55:12 GMT Server Apache ETag "8c6f-513981c29a000-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 9539
GET H/1.1	200 OK	bootstrap.min.css beds24.com/include/bootstrap/3.3.4/css/	115 KB 19 KB	95ms 73ms	Stylesheet text/css	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/3.3.4/css/bootstrap.min.css Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash 68c07561be99167a127eacafffb306c05e4509486dcd215c5bc0caa9de9aeb1d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Wed, 10 Jun 2015 16:49:42 GMT Server Apache ETag "1cac6-5182ca9537580-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 19285
GET H/1.1	200 OK	moment-with-locales.min.js Show response beds24.com/include/moment/2.29.4/	360 KB 74 KB	164ms 81ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/moment/2.29.4/moment-with-locales.min.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash a16b31819084e06fc2ab4e643204414ac0c23e8065758d657df9ca040ad051a9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Sun, 07 May 2023 11:33:41 GMT Server Apache ETag "5a173-5fb18e4e3f99e-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100
GET H/1.1	200 OK	bootstrap-datetimepicker_4.7.14a.js Show response beds24.com/include/bootstrap/eonasdan/	77 KB 13 KB	166ms 70ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/eonasdan/bootstrap-datetimepicker_4.7.14a.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash 2a3ba1355d5b18ac1072db9e305d93a63f0e77edbb89ac4b0440c0426fc89d7d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Wed, 07 Dec 2022 08:48:38 GMT Server Apache ETag "13579-5ef38fc910150-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=98 Content-Length 12821
GET H/1.1	200 OK	bootstrap-switch.css beds24.com/include/bootstrap/bootstrap-switch-master/dist/css/bootstrap3/	7 KB 2 KB	150ms 67ms	Stylesheet text/css	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/bootstrap-switch-master/dist/css/bootstrap3/bootstrap-switch.css Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash f72f31cdf00b756b41e027aa39f9164006c78efe8d8821da36dfbb9cbdad4b7b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Wed, 10 Jun 2015 16:49:52 GMT Server Apache ETag "1b4d-5182ca9ec0c00-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 1464
GET H/1.1	200 OK	bootstrap-switch.js Show response beds24.com/include/bootstrap/bootstrap-switch-master/dist/js/	25 KB 4 KB	206ms 56ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/bootstrap-switch-master/dist/js/bootstrap-switch.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash 79cc1f5bd5db7efb72e2be5320e00eb4dfda322a2bbd83297d2d8e83a1f61d6b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Wed, 10 Jun 2015 16:49:51 GMT Server Apache ETag "63ba-5182ca9dcc9c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 4018
GET H/1.1	200 OK	booking3.css beds24.com/include/	33 KB 7 KB	163ms 81ms	Stylesheet text/css	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/booking3.css Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash 13338b69c843697da0168d316390279ed80eefdf929336ceae753a4cedfbbc90 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Content-Encoding gzip Last-Modified Sun, 24 Apr 2022 10:27:04 GMT Server Apache ETag "829a-5dd63e69e14b9-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 7019
GET H3	200	11.400.png media.xmlcal.com/pic/p0012/9788/	381 KB 382 KB	347ms 277ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/11.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8927936af9b56097c53054ab628c4cc14ed2d54d2fb20f195289f57372607a18 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:11:28 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5f5b7-5bc16916f6dbe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJPi%2BbuqgiAeTLLE3redMH4u7E9qq2L1D%2F9KqrU7G2glIDYIlX9BKo8mvz2hrDBplaozBvVlZQgQZ5HxnSkdVemJnzjJUyYyRhzrwL6fIr5Awm%2BGgIX4AAk3R7Z9F3e8uQSH"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 8998faf0a9b34d91-FRA alt-svc h3=":443"; ma=86400 content-length 390583
GET H3	200	12.400.png media.xmlcal.com/pic/p0012/9788/	333 KB 333 KB	142ms 72ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/12.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f29bd2731b6dfb8727b6415568340657f610afea79aec2d90ade6001da8158c6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:11:28 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5326e-5bc16916cfcbd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCd1LbgzGTSbS%2FMEVaq%2BdmYrKiD15laR38K3%2B8cy7dJXYZ9xDiMDsrDnh2fC0n6%2BDxThbg%2Fs40RHoo%2B5HMKOQqPH6hXDdm2DIRR2EKe5OH8YQd9wB0FUAZABLjWZUjvlZQkE"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 8998faf0a9b14d91-FRA alt-svc h3=":443"; ma=86400 content-length 340590
GET H3	200	14.400.png media.xmlcal.com/pic/p0012/9788/	433 KB 433 KB	162ms 160ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/14.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26683c59ef5d227880329678d82c3e23782ed1367f7895d077f869afbb326f34 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:11:28 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6c3c8-5bc16916cdd7d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIs%2BaWX4WPMyK7zboiuK9yq2odfizl1Dg2pq36b90ectWE5PXcl5LJ8YlfiY5auVrxY2veooKh2qIbTVw2hCL6egPhSQugZyYelna7aJUkJMbl8frcZR4fZ2T3AUhUk7GAHY"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 8998faf1fa7e4d91-FRA alt-svc h3=":443"; ma=86400 content-length 443336
GET H3	200	16.400.png media.xmlcal.com/pic/p0012/9788/	387 KB 388 KB	312ms 311ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/16.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d0c7405964b2cf47343bcd152afcbfb30f89e7502b517600882385e3405ac59 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:11:28 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "60c9d-5bc16916d5a7d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpCfDqiOzhilxVGEST42tnntCNq4qAkbIVDeGCUQrPjnqaKoeUrmDN5Pnu3yf7cY4AoMO0wBMTju7bNKKK7qmUhnvBIakcVdTAvPeF9urZHIRKzVBLYpZAugH26TJiHTybCA"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 8998faf1fa804d91-FRA alt-svc h3=":443"; ma=86400 content-length 396445
GET H3	200	15.400.png media.xmlcal.com/pic/p0012/9788/	390 KB 391 KB	412ms 411ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/15.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 198741ab2094dfb4156838a5b13a25fe8daed73eb2444744c68c8414ecf786f1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:11:28 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "618cb-5bc16916d0c5d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKrj4zVKObngGU7c%2FWuviztsY3HPe%2Bidl3MG5%2BTo1BdEVQnV5O2%2Fa10mrVEy6g4shA8kAkCuzmPElHShV%2FNEItFiCSkbDDoqZvczUHY8EOo%2Bss66opbZCJ1wsQ%2F1Dx5xnKr8"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 8998faf1fa814d91-FRA alt-svc h3=":443"; ma=86400 content-length 399563
GET H3	200	17.400.png media.xmlcal.com/pic/p0012/9788/	290 KB 291 KB	593ms 592ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/17.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca0b30e0203407f8998a58d86081f33e0e95d249ce61e36871230c38f198f652 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:11:28 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "488c6-5bc16916d2b9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHShCjOS%2F5c2cqf2Ga1ZglHyt5Gm3OaaYr3b6zpt%2FYwdMM%2Bd8yYkULXQvfW5mUWuwPT814Aiv1WOJ33cXl%2F9FDvH5Ald8ad3%2ByQXI9DqeDBhab%2BG0FSd4ZLQQ5Mgi7Doz%2BTK"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 8998faf1fa834d91-FRA alt-svc h3=":443"; ma=86400 content-length 297158
GET H3	200	18.400.png media.xmlcal.com/pic/p0012/9788/	288 KB 288 KB	720ms 719ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/18.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d74a49032c61fabab9b59e154d7b4ec9fe1c0777a5cf8d612d824887e318f6dd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:11:28 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "47f45-5bc1691727aff" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T8j15IdzdFbhFAKyRdcLLD7ue85rQHIKDiINvuIFRNGQzTBIith3P5ABKLpxeChY%2F5C8n43az8sMcBlxpsyZMNBYpA2dd50rpWobD8q9OhF%2FcmLH08YmGFRaKWcgpZb%2FwK6U"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 8998faf1fa864d91-FRA alt-svc h3=":443"; ma=86400 content-length 294725
GET H/1.1	200 OK	glyphicons-halflings-regular.woff2 beds24.com/include/bootstrap/3.3.4/fonts/	18 KB 18 KB	54ms 54ms	Font application/octet-stream	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2 Requested by Host: beds24.com URL: https://beds24.com/include/bootstrap/3.3.4/css/bootstrap.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/include/bootstrap/3.3.4/css/bootstrap.min.css Origin https://beds24.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:28 GMT Last-Modified Mon, 13 Apr 2015 09:55:12 GMT Server Apache ETag "466c-513981c29a000" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 18028
POST H/1.1	200 OK	getroomprice.php Show response beds24.com/api/ajax/	82 KB 2 KB	351ms 350ms	XHR text/html	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/api/ajax/getroomprice.php?ci=2024-6-26&co=2024-6-27&na=undefined&nc=undefined&pt=0&la=de&cu= Requested by Host: beds24.com URL: https://beds24.com/include/jquery/jquery-1.12.4.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash cbb76c3ffffdfb32b98fce9471d67fa6db03496644d6a14d80f6cf04055a8777 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept */* Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Wed, 26 Jun 2024 00:11:29 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=3, max=98 Content-Length 1750 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	favicon2.ico beds24.com/	1 KB 1 KB	64ms 63ms	Other image/vnd.microsoft.icon	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/favicon2.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash fecd8be36e50bff02adb8e511ba83f34415c37bb202429c700f6a1003a7a882d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 00:11:29 GMT Last-Modified Wed, 23 Oct 2019 10:55:40 GMT Server Apache ETag "47e-59591c1f86f11" Content-Type image/vnd.microsoft.icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=97 Content-Length 1150

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery object| jQuery1124021771979438797073 function| moment object| ajaxupdateroompriceid object| addedtocartfromprevpage function| showid function| hideid function| displayroomprice function| clearshoppingcart function| removefromshoppingcart function| addtoshoppingcart function| storeselect function| displayroomprices function| sortrooms function| displaymultibookbutton function| ajaxupdateroomavailability function| getUrlParameters object| urlparam number| doingajax number| doingpostajax function| getroomprice function| checkqueue function| getroomprices function| storeroomprice function| getstoredroomprice object| monthnames function| drawcalendars function| cleardatecellstyle function| setdatecellstyle function| drawpricetables function| checkin object| data

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beds24.com/	1969-12-31 23:59:59	Name: booking Value: uj6ijsr8euu1bf8idhfh5mk0c7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beds24.com
media.xmlcal.com
pilgrims.ostblox.de
172.67.158.119
188.34.201.206
195.201.74.20
13338b69c843697da0168d316390279ed80eefdf929336ceae753a4cedfbbc90
198741ab2094dfb4156838a5b13a25fe8daed73eb2444744c68c8414ecf786f1
26683c59ef5d227880329678d82c3e23782ed1367f7895d077f869afbb326f34
2a3ba1355d5b18ac1072db9e305d93a63f0e77edbb89ac4b0440c0426fc89d7d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68c07561be99167a127eacafffb306c05e4509486dcd215c5bc0caa9de9aeb1d
79cc1f5bd5db7efb72e2be5320e00eb4dfda322a2bbd83297d2d8e83a1f61d6b
7d0c7405964b2cf47343bcd152afcbfb30f89e7502b517600882385e3405ac59
8927936af9b56097c53054ab628c4cc14ed2d54d2fb20f195289f57372607a18
9f55c682572ce55a13078963b7f961c7221c3f6bcec50e7bf25b2cd94f3f1964
a16b31819084e06fc2ab4e643204414ac0c23e8065758d657df9ca040ad051a9
ca0b30e0203407f8998a58d86081f33e0e95d249ce61e36871230c38f198f652
cbb76c3ffffdfb32b98fce9471d67fa6db03496644d6a14d80f6cf04055a8777
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d74a49032c61fabab9b59e154d7b4ec9fe1c0777a5cf8d612d824887e318f6dd
f29bd2731b6dfb8727b6415568340657f610afea79aec2d90ade6001da8158c6
f72f31cdf00b756b41e027aa39f9164006c78efe8d8821da36dfbb9cbdad4b7b
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fecd8be36e50bff02adb8e511ba83f34415c37bb202429c700f6a1003a7a882d