beds24.com Open in urlscan Pro
195.201.74.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pilgrims.ostblox.de/
Effective URL:
https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe
Submission Tags: phishingrod
Submission: On June 26 via api (June 26th 2024, 12:46:52 pm UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 195.201.74.20, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is beds24.com. The Cisco Umbrella rank of the primary domain is 723951.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 5th 2023. Valid for: 10 months.

This is the only time beds24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	188.34.201.206 188.34.201.206	24940 (HETZNER-AS) (HETZNER-AS)
12	195.201.74.20 195.201.74.20	24940 (HETZNER-AS) (HETZNER-AS)
7	172.67.158.119 172.67.158.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	3

2 188.34.201.206 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: isp2.ostblox.de

pilgrims.ostblox.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 195.201.74.20 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.beds24.com

beds24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.158.119 (United States)

ASN13335 (CLOUDFLARENET, US)

media.xmlcal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	beds24.com beds24.com — Cisco Umbrella Rank: 723951	226 KB
7	xmlcal.com media.xmlcal.com — Cisco Umbrella Rank: 603783	2 MB
2	ostblox.de pilgrims.ostblox.de	6 KB
21	3

	Domain	Requested by
12	beds24.com	beds24.com
7	media.xmlcal.com	beds24.com
2	pilgrims.ostblox.de
21	3

This site contains no links.

Subject Issuer	Validity	Valid
booking.kuehlhaus-goerlitz.de R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
*.beds24.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-09-18`	10 months	crt.sh
xmlcal.com E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe
Frame ID: 1078488AEEF54DF06D6B3A27012DD736
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure Online Booking

Page URL History Show full URLs

https://pilgrims.ostblox.de/ Page URL
https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2738 kB
Transfer

3846 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pilgrims.ostblox.de/ Page URL
https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ pilgrims.ostblox.de/	790 B 796 B	86ms 10ms	Document text/html	188.34.201.206 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pilgrims.ostblox.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 188.34.201.206 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS isp2.ostblox.de Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 453 Content-Type text/html Date Wed, 26 Jun 2024 12:46:47 GMT ETag "316-6177a3d367dfc-gzip" Keep-Alive timeout=5, max=200 Last-Modified Thu, 02 May 2024 15:27:20 GMT Server Apache Upgrade h2 Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request booking2.php Show response beds24.com/	490 KB 42 KB	169ms 139ms	Document text/html	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `75c3a31595773ce744ab9e377ed66c569c93df35d333bcefe5a276ef227cbab2` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://pilgrims.ostblox.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 42601 Content-Type text/html; charset=utf-8 Date Wed, 26 Jun 2024 12:46:47 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=3, max=100 Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	favicon.ico pilgrims.ostblox.de/	5 KB 6 KB	10ms 10ms	Other image/vnd.microsoft.icon	188.34.201.206 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pilgrims.ostblox.de/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 188.34.201.206 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS isp2.ostblox.de Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pilgrims.ostblox.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Last-Modified Mon, 17 Jul 2023 11:25:02 GMT Server Apache ETag "1536-600ad0caa8048" Content-Type image/vnd.microsoft.icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=199 Content-Length 5430
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response beds24.com/include/jquery/	95 KB 33 KB	82ms 46ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/jquery/jquery-1.12.4.min.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Mon, 05 Mar 2018 09:50:00 GMT Server Apache ETag "17b8b-566a73fd44200-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 33760
GET H/1.1	200 OK	bootstrap.min.js Show response beds24.com/include/bootstrap/3.3.4/js/	35 KB 10 KB	94ms 58ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/3.3.4/js/bootstrap.min.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Mon, 13 Apr 2015 09:55:12 GMT Server Apache ETag "8c6f-513981c29a000-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 9539
GET H/1.1	200 OK	bootstrap.min.css beds24.com/include/bootstrap/3.3.4/css/	115 KB 19 KB	86ms 52ms	Stylesheet text/css	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/3.3.4/css/bootstrap.min.css Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `68c07561be99167a127eacafffb306c05e4509486dcd215c5bc0caa9de9aeb1d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Wed, 10 Jun 2015 16:49:42 GMT Server Apache ETag "1cac6-5182ca9537580-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 19285
GET H/1.1	200 OK	moment-with-locales.min.js Show response beds24.com/include/moment/2.29.4/	360 KB 74 KB	99ms 62ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/moment/2.29.4/moment-with-locales.min.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `a16b31819084e06fc2ab4e643204414ac0c23e8065758d657df9ca040ad051a9` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Sun, 07 May 2023 11:33:41 GMT Server Apache ETag "5a173-5fb18e4e3f99e-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99
GET H/1.1	200 OK	bootstrap-datetimepicker_4.7.14a.js Show response beds24.com/include/bootstrap/eonasdan/	77 KB 13 KB	160ms 41ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/eonasdan/bootstrap-datetimepicker_4.7.14a.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `2a3ba1355d5b18ac1072db9e305d93a63f0e77edbb89ac4b0440c0426fc89d7d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Wed, 07 Dec 2022 08:48:38 GMT Server Apache ETag "13579-5ef38fc910150-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 12821
GET H/1.1	200 OK	bootstrap-switch.css beds24.com/include/bootstrap/bootstrap-switch-master/dist/css/bootstrap3/	7 KB 2 KB	93ms 59ms	Stylesheet text/css	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/bootstrap-switch-master/dist/css/bootstrap3/bootstrap-switch.css Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `f72f31cdf00b756b41e027aa39f9164006c78efe8d8821da36dfbb9cbdad4b7b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Wed, 10 Jun 2015 16:49:52 GMT Server Apache ETag "1b4d-5182ca9ec0c00-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 1464
GET H/1.1	200 OK	bootstrap-switch.js Show response beds24.com/include/bootstrap/bootstrap-switch-master/dist/js/	25 KB 4 KB	161ms 43ms	Script application/javascript	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/bootstrap-switch-master/dist/js/bootstrap-switch.js Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `79cc1f5bd5db7efb72e2be5320e00eb4dfda322a2bbd83297d2d8e83a1f61d6b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Wed, 10 Jun 2015 16:49:51 GMT Server Apache ETag "63ba-5182ca9dcc9c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 4018
GET H/1.1	200 OK	booking3.css beds24.com/include/	33 KB 7 KB	94ms 61ms	Stylesheet text/css	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/booking3.css Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `13338b69c843697da0168d316390279ed80eefdf929336ceae753a4cedfbbc90` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Last-Modified Sun, 24 Apr 2022 10:27:04 GMT Server Apache ETag "829a-5dd63e69e14b9-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 7019
GET H3	200	11.400.png media.xmlcal.com/pic/p0012/9788/	381 KB 382 KB	157ms 103ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/11.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8927936af9b56097c53054ab628c4cc14ed2d54d2fb20f195289f57372607a18` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 12:46:47 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5f5b7-5bc16916f6dbe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6Sz4tUE%2FPA1nD3mZd1HYmWApePW4VXDzlx2B9wnHXmt9e%2FzpNLqWZlAG6r%2F8iRxW6Dcksay6tx7QECn6mGmNxLIzXnp7XdwjPYesMZZkdLYRpUtsSyDTpeCaMwkXSFRW%2F0Y"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 899d4d59d855913a-FRA alt-svc h3=":443"; ma=86400 content-length 390583
GET H3	200	12.400.png media.xmlcal.com/pic/p0012/9788/	333 KB 333 KB	84ms 42ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/12.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f29bd2731b6dfb8727b6415568340657f610afea79aec2d90ade6001da8158c6` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 12:46:47 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5326e-5bc16916cfcbd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLiw5wkVIeqvp5srSgekVo%2BA9c66ToQ9ppmRd2tF9lY%2Bdq3vrz82PhK0EvahKWIz5oy44fCer3Iz5gNakpfmMiwC4HcVieoqhh4QIFcb1rJj9Sa0gee5NE7VDy2rIKRkQuBT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 899d4d59d846913a-FRA alt-svc h3=":443"; ma=86400 content-length 340590
GET H3	200	14.400.png media.xmlcal.com/pic/p0012/9788/	433 KB 433 KB	84ms 71ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/14.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `26683c59ef5d227880329678d82c3e23782ed1367f7895d077f869afbb326f34` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 12:46:47 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6c3c8-5bc16916cdd7d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opuZJ1hMbQnrEeBCTfyFetGsOUdovpgFX8soZH2IFE2YS9pOxojcE8aPf9ax8fMV0dw2Cip6hTpkNPE%2BDueDiNf8LBeWknPhvkaKJ1c9LtAvPdsZ%2FIMCOeitkmwYchh8YShX"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 899d4d5a795d913a-FRA alt-svc h3=":443"; ma=86400 content-length 443336
GET H3	200	16.400.png media.xmlcal.com/pic/p0012/9788/	387 KB 388 KB	104ms 93ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/16.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7d0c7405964b2cf47343bcd152afcbfb30f89e7502b517600882385e3405ac59` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 12:46:47 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "60c9d-5bc16916d5a7d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tBloYxErvGNXso7BHij2ydiTcc5AJQ54rEEpBvk8YXQP7uTtVZnhH2Hw5vE5tHEiFo29miq5S0%2FC5rxnW6QI54S7GpZyJklH56DPuIVUw1MCNLDdkqp7DZuoat7HnTLvr887"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 899d4d5a7960913a-FRA alt-svc h3=":443"; ma=86400 content-length 396445
GET H3	200	15.400.png media.xmlcal.com/pic/p0012/9788/	390 KB 391 KB	115ms 104ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/15.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `198741ab2094dfb4156838a5b13a25fe8daed73eb2444744c68c8414ecf786f1` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 12:46:47 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "618cb-5bc16916d0c5d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2Fmr8wOuftIbAP28vP0YS4H10feLu5kr94ZlwcwgN7uvxdWAUK5GDWBdN7iUEIvY7dGy%2FEIuOgLP53bJDODV1QUZ5fq%2FRElAY5WEMIkw0hnviYfqg7UXUjpNIsRzdFFgpxF%2F"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 899d4d5a7963913a-FRA alt-svc h3=":443"; ma=86400 content-length 399563
GET H3	200	17.400.png media.xmlcal.com/pic/p0012/9788/	290 KB 291 KB	133ms 123ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/17.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca0b30e0203407f8998a58d86081f33e0e95d249ce61e36871230c38f198f652` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 12:46:47 GMT cf-cache-status MISS last-modified Wed, 24 Feb 2021 15:19:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "488c6-5bc16916d2b9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vp3GWGOv5mZxyCeyVr3WVTQIiuSPLzhtH4iUJ2mrUJUaPQZ5cQeTG0g2CFyyEMQX0JE4p%2BRxuDKdLAwF496ztMcb%2B2PUs%2FJnSRJ9L4NtjV29b8YiNZLK7VI2C2qM2OL1%2B1fY"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 899d4d5a7969913a-FRA alt-svc h3=":443"; ma=86400 content-length 297158
GET H3	200	18.400.png media.xmlcal.com/pic/p0012/9788/	288 KB 288 KB	149ms 139ms	Image image/png	172.67.158.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.xmlcal.com/pic/p0012/9788/18.400.png Requested by Host: beds24.com URL: https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d74a49032c61fabab9b59e154d7b4ec9fe1c0777a5cf8d612d824887e318f6dd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 12:46:47 GMT cf-cache-status REVALIDATED last-modified Wed, 24 Feb 2021 15:19:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "47f45-5bc1691727aff" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IU3AT4D84DPvAtPUEI4geJOpHCJiaM49MH%2Bbi9sEBsfURYOlp4p340eUufBjjb7RFXzKOHF8%2FW6sQYHBCgUio7SGCZKyubxxwNvr%2FaA11pa81c2a7xQHRwTxQQuzG8PeA5h7"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800 accept-ranges bytes cf-ray 899d4d5a796a913a-FRA alt-svc h3=":443"; ma=86400 content-length 294725
GET H/1.1	200 OK	glyphicons-halflings-regular.woff2 beds24.com/include/bootstrap/3.3.4/fonts/	18 KB 18 KB	60ms 33ms	Font application/octet-stream	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/include/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2 Requested by Host: beds24.com URL: https://beds24.com/include/bootstrap/3.3.4/css/bootstrap.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/include/bootstrap/3.3.4/css/bootstrap.min.css Origin https://beds24.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Last-Modified Mon, 13 Apr 2015 09:55:12 GMT Server Apache ETag "466c-513981c29a000" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=98 Content-Length 18028
POST H/1.1	200 OK	getroomprice.php Show response beds24.com/api/ajax/	82 KB 2 KB	365ms 365ms	XHR text/html	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/api/ajax/getroomprice.php?ci=2024-6-26&co=2024-6-27&na=undefined&nc=undefined&pt=0&la=de&cu= Requested by Host: beds24.com URL: https://beds24.com/include/jquery/jquery-1.12.4.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `ae5e2cc45ffd141e62ec0505a087ecd072f303d0665fc71c1b3a445e1ed21728` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept / Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Wed, 26 Jun 2024 12:46:47 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=3, max=97 Content-Length 1749 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	favicon2.ico beds24.com/	1 KB 1 KB	43ms 37ms	Other image/vnd.microsoft.icon	195.201.74.20 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://beds24.com/favicon2.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.74.20 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mail.beds24.com Software Apache / Resource Hash `fecd8be36e50bff02adb8e511ba83f34415c37bb202429c700f6a1003a7a882d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://beds24.com/booking2.php?propid=129788&numadult=1&advancedays=0&referer=iframe Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 26 Jun 2024 12:46:47 GMT Last-Modified Wed, 23 Oct 2019 10:55:40 GMT Server Apache ETag "47e-59591c1f86f11" Content-Type image/vnd.microsoft.icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=98 Content-Length 1150

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beds24.com/	1969-12-31 23:59:59	Name: booking Value: ngq1j0b9q5ig9bvde917cgbho1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beds24.com
media.xmlcal.com
pilgrims.ostblox.de
172.67.158.119
188.34.201.206
195.201.74.20
13338b69c843697da0168d316390279ed80eefdf929336ceae753a4cedfbbc90
198741ab2094dfb4156838a5b13a25fe8daed73eb2444744c68c8414ecf786f1
26683c59ef5d227880329678d82c3e23782ed1367f7895d077f869afbb326f34
2a3ba1355d5b18ac1072db9e305d93a63f0e77edbb89ac4b0440c0426fc89d7d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68c07561be99167a127eacafffb306c05e4509486dcd215c5bc0caa9de9aeb1d
75c3a31595773ce744ab9e377ed66c569c93df35d333bcefe5a276ef227cbab2
79cc1f5bd5db7efb72e2be5320e00eb4dfda322a2bbd83297d2d8e83a1f61d6b
7d0c7405964b2cf47343bcd152afcbfb30f89e7502b517600882385e3405ac59
8927936af9b56097c53054ab628c4cc14ed2d54d2fb20f195289f57372607a18
a16b31819084e06fc2ab4e643204414ac0c23e8065758d657df9ca040ad051a9
ae5e2cc45ffd141e62ec0505a087ecd072f303d0665fc71c1b3a445e1ed21728
ca0b30e0203407f8998a58d86081f33e0e95d249ce61e36871230c38f198f652
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d74a49032c61fabab9b59e154d7b4ec9fe1c0777a5cf8d612d824887e318f6dd
f29bd2731b6dfb8727b6415568340657f610afea79aec2d90ade6001da8158c6
f72f31cdf00b756b41e027aa39f9164006c78efe8d8821da36dfbb9cbdad4b7b
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fecd8be36e50bff02adb8e511ba83f34415c37bb202429c700f6a1003a7a882d

beds24.com Open in urlscan Pro 195.201.74.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

2738 kBTransfer

3846 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

1 Cookies

Indicators

beds24.com Open in urlscan Pro
195.201.74.20 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2738 kB
Transfer

3846 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions