best-western-hotel-booking-scam.com Open in urlscan Pro
31.15.10.30  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response best-western-hotel-booking-scam.com/	117 KB 17 KB	283ms 36ms	Document text/html	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f8a5cc374773b6bca878d9742e34e5e35aabf931872955bbb929f753bb05008 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Thu, 20 Jul 2023 08:45:34 GMT etag W/"64b6ada3-1d554" last-modified Tue, 18 Jul 2023 15:20:03 GMT server nginx
GET H2	200	4ffcc92f579d1beb69f4a04b9b75e326.css best-western-hotel-booking-scam.com/ws/bundles/css/	293 KB 46 KB	39ms 39ms	Stylesheet text/css	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/bundles/css/4ffcc92f579d1beb69f4a04b9b75e326.css Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 89bd5c7678f6d9a5830e6858e0f6f40c67dfab5ace2ea35c214156cd3f34db4e Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:34 GMT content-encoding gzip last-modified Tue, 18 Jul 2023 14:51:42 GMT server nginx etag W/"64b6a6fe-4922c" content-type text/css
GET H2	200	logo.ws-intense-next-music-tutoring.svg best-western-hotel-booking-scam.com/ws/globals/business-logo/images/	1 KB 1 KB	71ms 70ms	Image image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Show image Full URL https://best-western-hotel-booking-scam.com/ws/globals/business-logo/images/logo.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash ffdd78ee87a89439ed88fc31f75dcf8065174bc218b49a73f1d01f5981a18736 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:34 GMT last-modified Tue, 18 Jul 2023 14:27:24 GMT server nginx accept-ranges bytes etag "64b6a14c-4c5" content-length 1221 content-type image/svg+xml
GET H2	200	230702---best-western-complaint.webp best-western-hotel-booking-scam.com/ws/media-library/6df4c63f7bc34ceb8ee5fc17977a9aa7/	83 KB 83 KB	71ms 71ms	Image image/webp	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Show image Full URL https://best-western-hotel-booking-scam.com/ws/media-library/6df4c63f7bc34ceb8ee5fc17977a9aa7/230702---best-western-complaint.webp Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash c173b49c7e75c8c4925ad994d28e649da5c916ce22fa702df5af9eef539e3d77 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:34 GMT last-modified Tue, 18 Jul 2023 15:15:54 GMT server nginx accept-ranges bytes etag "64b6acaa-14b52" content-length 84818 content-type image/webp
GET H2	200	7a353a8ea5053dc3cc5824cb5801836f.js Show response best-western-hotel-booking-scam.com/ws/bundles/js/	266 KB 267 KB	71ms 71ms	Script application/javascript	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash cca07e494754388fa9c2e703bdfa3152e30b2dd150e4a48ebcde11b8838a0677 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:34 GMT last-modified Tue, 18 Jul 2023 15:17:08 GMT server nginx accept-ranges bytes etag "64b6acf4-429ed" content-length 272877 content-type application/javascript
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/	12 KB 5 KB	142ms 47ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 573373 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4420 last-modified Mon, 04 May 2020 16:17:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04030-30d9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krdcLWfstokQ6lmpqDtqDg5JoYNoKNXMj5Hl%2FJ6Yc%2FFwwnAcSb%2FwMN%2FdbIljRnAD6t6izi6AZ0KOFk4GKCMG1c0C2WnYkKEibtzxSMKzoWWO3nUJWOacGM443sxycbUd5Xjzbw%2BOxXqonRwz0%2FGcdEFj"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7e99edc78cf9383d-FRA expires Tue, 09 Jul 2024 08:45:35 GMT
GET DATA	200 OK	truncated /	369 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0648f8e0bc7527c2e2cd9982eaa33f4a5d721b3b598c91a39afecd282dffa08d Request headers Referer Origin https://best-western-hotel-booking-scam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	186 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 85d5d2abc807c98fcb497b31be2eaaa3ad98a2434cc81d7ebdaa5d49266cbccb Request headers Referer Origin https://best-western-hotel-booking-scam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	man-2713.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	1 KB 1 KB	38ms 36ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/man-2713.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 261237d7b4ec9f9f33d68bb53a9f68f48cf6655263a5a0d99c73a34fbe84349a Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-521" content-length 1313 content-type image/svg+xml
GET H2	200	man-2713.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	1 KB 1 KB	39ms 36ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/man-2713.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 261237d7b4ec9f9f33d68bb53a9f68f48cf6655263a5a0d99c73a34fbe84349a Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-521" content-length 1313 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	39ms 37ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	39ms 37ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	39ms 38ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	40ms 38ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	40ms 38ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	40ms 39ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	40ms 39ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	40ms 39ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	73ms 72ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET H2	200	bank-cards-2270.ws-intense-next-music-tutoring.svg Show response best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/	971 B 1 KB	73ms 72ms	Fetch image/svg+xml	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Full URL https://best-western-hotel-booking-scam.com/ws/blocks/about-with-features/icons/bank-cards-2270.ws-intense-next-music-tutoring.svg Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ws/bundles/js/7a353a8ea5053dc3cc5824cb5801836f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 15:17:07 GMT server nginx accept-ranges bytes etag "64b6acf3-3cb" content-length 971 content-type image/svg+xml
GET DATA	200 OK	truncated /	44 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	z2xz7u1tsfo.webp best-western-hotel-booking-scam.com/ws/media-library/bfd46f1235244010bfeb5c832a4942f1/	50 KB 50 KB	36ms 36ms	Image image/webp	31.15.10.30 GLOBE-AS www.acti...
General Check archive.org Show headers Download Go to Show image Full URL https://best-western-hotel-booking-scam.com/ws/media-library/bfd46f1235244010bfeb5c832a4942f1/z2xz7u1tsfo.webp Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 31.15.10.30 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ), Reverse DNS yono1.active24.cz Software nginx / Resource Hash 7326090e203a2e8f09376075dcd762e59dad9b45f26632021aa797b6eca5137e Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT last-modified Tue, 18 Jul 2023 14:27:23 GMT server nginx accept-ranges bytes etag "64b6a14b-c8f8" content-length 51448 content-type image/webp
GET H2	200	css fonts.sitebuilderhost.net/	11 KB 1 KB	601ms 434ms	Stylesheet text/css	2606:4700::6813:fa02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.sitebuilderhost.net/css?family=Lato:400,400i,700,700i,900,900i|Playfair+Display:700,700i,900,900i&display=swap Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:fa02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd8440e8281424ed0c28000cd6da8f2723ad9acd903d33d3148709638b092e19 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:35 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip cross-origin-resource-policy cross-origin x-xss-protection 0 last-modified Thu, 20 Jul 2023 08:45:35 GMT server cloudflare cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cf-ray 7e99edc8e9278fef-FRA expires Thu, 20 Jul 2023 08:45:35 GMT
GET H2	200	tracking-v2.js Show response analytics.yolacdn.net/	13 KB 6 KB	143ms 47ms	Script application/javascript	2606:4700::6812:6920 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.yolacdn.net/tracking-v2.js Requested by Host: best-western-hotel-booking-scam.com URL: https://best-western-hotel-booking-scam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:6920 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27f15bee126b425173fe08f2a1ead52e5fb8b4c1a96801f34ab4dc82c15eccf8 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:36 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 26 Jun 2023 14:00:24 GMT server cloudflare age 3159 etag W/"649999f8-343b" vary Accept-Encoding content-type application/javascript cache-control max-age=7200, public cf-ray 7e99edcc3f0668e9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.sitebuilderhost.net/fonts/s/lato/v24/	23 KB 23 KB	137ms 54ms	Font font/woff2	2606:4700::6813:fa02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.sitebuilderhost.net/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.sitebuilderhost.net URL: https://fonts.sitebuilderhost.net/css?family=Lato:400,400i,700,700i,900,900i|Playfair+Display:700,700i,900,900i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:fa02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.sitebuilderhost.net/css?family=Lato:400,400i,700,700i,900,900i|Playfair+Display:700,700i,900,900i&display=swap Origin https://best-western-hotel-booking-scam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:36 GMT x-content-type-options nosniff cf-cache-status HIT age 90515 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server cloudflare cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cf-ray 7e99edcc29969048-FRA expires Thu, 11 Jul 2024 22:37:53 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.sitebuilderhost.net/fonts/s/lato/v24/	23 KB 23 KB	128ms 48ms	Font font/woff2	2606:4700::6813:fa02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.sitebuilderhost.net/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.sitebuilderhost.net URL: https://fonts.sitebuilderhost.net/css?family=Lato:400,400i,700,700i,900,900i|Playfair+Display:700,700i,900,900i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:fa02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.sitebuilderhost.net/css?family=Lato:400,400i,700,700i,900,900i|Playfair+Display:700,700i,900,900i&display=swap Origin https://best-western-hotel-booking-scam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:36 GMT x-content-type-options nosniff cf-cache-status HIT age 90515 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server cloudflare cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cf-ray 7e99edcc29979048-FRA expires Thu, 11 Jul 2024 22:58:33 GMT
GET H2	200	nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 fonts.sitebuilderhost.net/fonts/s/playfairdisplay/v30/	35 KB 35 KB	168ms 89ms	Font font/woff2	2606:4700::6813:fa02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.sitebuilderhost.net/fonts/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 Requested by Host: fonts.sitebuilderhost.net URL: https://fonts.sitebuilderhost.net/css?family=Lato:400,400i,700,700i,900,900i|Playfair+Display:700,700i,900,900i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:fa02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.sitebuilderhost.net/css?family=Lato:400,400i,700,700i,900,900i|Playfair+Display:700,700i,900,900i&display=swap Origin https://best-western-hotel-booking-scam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:36 GMT x-content-type-options nosniff cf-cache-status HIT age 90515 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin content-length 35764 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:06:36 GMT server cloudflare cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cf-ray 7e99edcc29989048-FRA expires Thu, 11 Jul 2024 23:01:35 GMT
GET H2	200	LoggingAgent Show response pixel.yola.com/LoggingAgent/	12 B 407 B	520ms 424ms	Script application/x-javascript	2606:4700::6811:d365 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yola.com/LoggingAgent/LoggingAgent?url=//best-western-hotel-booking-scam.com/&pagename=index&siteid=11ee25767f248bea80f5551e59595564&resolution=1600x1200&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=CA5D9700-BC40-0001-BB51-16A61BAB1D90&visitId=CA5D9700-BC40-0001-79CB-A3E01FB637F0&user_id=f974b237776f46de958dd382f5c641c1&partner_id=WL_LOOPIA&LoggingAgentReturnType=script Requested by Host: analytics.yolacdn.net URL: https://analytics.yolacdn.net/tracking-v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d365 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Thu, 20 Jul 2023 08:45:36 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript cf-ray 7e99edcd2df01e45-FRA expires -1
GET H2	200	sw.js Show response analytics.sitewit.com/partner/ns/yolastats/yola/11ee25767f248bea80f5551e59595564/	20 KB 21 KB	372ms 118ms	Script text/javascript	2600:1f18:243f:2d01:3347:7edc:bfd:fc2b AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://analytics.sitewit.com/partner/ns/yolastats/yola/11ee25767f248bea80f5551e59595564/sw.js Requested by Host: analytics.yolacdn.net URL: https://analytics.yolacdn.net/tracking-v2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:243f:2d01:3347:7edc:bfd:fc2b Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash dcfd3f7634b883aff23f6bd744c22a5406675d5b739c23f9f8eab363a31291e3 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers content-type text/javascript; charset=utf-8 date Thu, 20 Jul 2023 08:45:36 GMT cache-control private,no-cache server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 content-length 20662 p3p CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
GET H2	200	sw_connect.js Show response connect.sitewit.com/js/11EE25767F248BEA80F5551E59595564/	32 B 656 B	377ms 119ms	Script text/javascript	34.193.246.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.sitewit.com/js/11EE25767F248BEA80F5551E59595564/sw_connect.js?ispartner=yola&ns=yolastats Requested by Host: analytics.sitewit.com URL: https://analytics.sitewit.com/partner/ns/yolastats/yola/11ee25767f248bea80f5551e59595564/sw.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.246.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-246-210.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / Resource Hash 7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers content-type text/javascript; charset=utf-8 date Thu, 20 Jul 2023 08:45:36 GMT cache-control private server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 content-length 32 p3p CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
GET H2	200	cq_blank.gif analytics.sitewit.com/images/	35 B 624 B	117ms 117ms	Image image/gif	2600:1f18:243f:2d01:3347:7edc:bfd:fc2b AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=11EE25767F248BEA80F5551E59595564&_sw_uid=4c8ee132-2409-4dc3-a90a-13d8854d7ed6&_sw_fp=2bf5fdaea59776be3d663b5db0ec777a39db436e&_sw_pl=306&_sw_pc=3&_sw_dat=MXxiZXN0LXdlc3Rlcm4taG90ZWwtYm9va2luZy1zY2FtLmNvbXxodHRwczovL2Jlc3Qtd2VzdGVybi1ob3RlbC1ib29raW5nLXNjYW0uY29tL3xlbi1VU3wxNjAwfDEyMDB8MjR8Q2hyb21lLzExNS4wLjU3OTAuOTh8eDY0fDF8MHwxfDB8LXx8LXwtfC18MmEwMTo0YTA6MTMzODo5Mjo6Nnww&to=562 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:243f:2d01:3347:7edc:bfd:fc2b Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer https://best-western-hotel-booking-scam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 08:45:36 GMT last-modified Thu, 24 Jun 2010 20:21:15 GMT server Microsoft-IIS/10.0 etag "9f8deacbda13cb1:0" content-type image/gif p3p CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml" cache-control no-cache accept-ranges bytes content-length 35

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFontConfig object| webpackJsonp object| _yts object| tracking_tag object| WebFont function| UUID function| createCookie function| readCookie function| getPageName function| pmv_getUrlStat function| _pmv_src function| _pmv_log_sync function| load_script function| _ysw object| swfobject string| visitorId object| uuid string| visitId string| pmv_jav string| pmv_cookie string| pmv_fla object| pmv_do string| pmv_rtu string| pmv_logging_location object| x object| _sw_b6 function| _swInitPageRegister function| _sw_analytics function| _sw_cookie function| _sw_user_info function| _sw_hit_info function| _sw_item function| _sw_transaction function| _sw_crypto object| yolastats object| uapl string| enctype object| oa string| vers string| osv number| c2 number| c1

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			best-western-hotel-booking-scam.com/	1970-01-20 22:09:38	Name: synthasiteVisitorId Value: CA5D9700-BC40-0001-BB51-16A61BAB1D90
			best-western-hotel-booking-scam.com/	1970-01-20 13:24:03	Name: synthasiteVisitId Value: CA5D9700-BC40-0001-79CB-A3E01FB637F0
			.best-western-hotel-booking-scam.com/	1970-01-20 23:00:02	Name: _swa_u Value: 4c8ee132-2409-4dc3-a90a-13d8854d7ed6
			.yola.com/	1970-01-20 13:24:04	Name: __cf_bm Value: Duy2UyY032IO3ytJxnSgOjfQxbaGVmOXeKvNeDv9FI8-1689842736-0-AQoAQYkkt7erwvPFAOznqxx6QgkZceqR0tyGldRZEgEk5y0aepMRWUOmpfvwQceV0HTRP4jPj09mZFs67MGQVu1J2yZla4gZtWLg2tMIPWq5
			analytics.sitewit.com/	1970-01-20 13:34:07	Name: AWSALBCORS Value: xZtnkM+Cp67SjBChPE29PzUxJ1cXp2S1oLd8nAehWg0/bU4qSONbNuYUZIBVdDYJsSWoG4DgxY0eANrazPFauKekqKyHgq7NnB1NCneIIueqh8cBixKHcLnKD6Ky
			connect.sitewit.com/	1970-01-20 13:34:07	Name: AWSALBCORS Value: bVO40+yvqcAuIKXdfwnBcoL3vniRr3sQXanDjbebFqH/6xfVjIn0AoAUjN0B68BU6hjHTRxg9N1hSjGXi8MC+yoyKd6wlREPZcG/36IBoBuGgVDNZ/vNPqUg30Gt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.sitewit.com
analytics.yolacdn.net
best-western-hotel-booking-scam.com
cdnjs.cloudflare.com
connect.sitewit.com
fonts.sitebuilderhost.net
pixel.yola.com
2600:1f18:243f:2d01:3347:7edc:bfd:fc2b
2606:4700::6811:180e
2606:4700::6811:d365
2606:4700::6812:6920
2606:4700::6813:fa02
31.15.10.30
34.193.246.210
0648f8e0bc7527c2e2cd9982eaa33f4a5d721b3b598c91a39afecd282dffa08d
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
261237d7b4ec9f9f33d68bb53a9f68f48cf6655263a5a0d99c73a34fbe84349a
27f15bee126b425173fe08f2a1ead52e5fb8b4c1a96801f34ab4dc82c15eccf8
4f0a4e18d3fc07af92363768f6a44ce4f5c8ee711b94131b581fbd9fee8f0668
4f8a5cc374773b6bca878d9742e34e5e35aabf931872955bbb929f753bb05008
7326090e203a2e8f09376075dcd762e59dad9b45f26632021aa797b6eca5137e
7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d5d2abc807c98fcb497b31be2eaaa3ad98a2434cc81d7ebdaa5d49266cbccb
89bd5c7678f6d9a5830e6858e0f6f40c67dfab5ace2ea35c214156cd3f34db4e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c173b49c7e75c8c4925ad994d28e649da5c916ce22fa702df5af9eef539e3d77
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cca07e494754388fa9c2e703bdfa3152e30b2dd150e4a48ebcde11b8838a0677
cd8440e8281424ed0c28000cd6da8f2723ad9acd903d33d3148709638b092e19
dcfd3f7634b883aff23f6bd744c22a5406675d5b739c23f9f8eab363a31291e3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
ffdd78ee87a89439ed88fc31f75dcf8065174bc218b49a73f1d01f5981a18736