www.booking.dxr.cloud

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 185.107.229.1, located in United Kingdom and belongs to UK-DAO, GB. The main domain is www.booking.dxr.cloud.
TLS certificate: Issued by R10 on June 8th 2024. Valid for: 3 months.

This is the only time www.booking.dxr.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.107.229.1 185.107.229.1	200418 (UK-DAO) (UK-DAO)
2	185.107.230.14 185.107.230.14	200418 (UK-DAO) (UK-DAO)
2	185.34.173.173 185.34.173.173	60200 (VCC-UK) (VCC-UK)
6	3

2 185.107.229.1 (United Kingdom)

ASN200418 (UK-DAO, GB)
PTR: thehuracanfoundation.org

www.booking.dxr.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.107.230.14 (United Kingdom)

ASN200418 (UK-DAO, GB)
PTR: obfa.fantasticservices.com

obfa.fantasticservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.34.173.173 (United Kingdom)

ASN60200 (VCC-UK, GB)
PTR: login.fantasticxrm.com

login.fantasticxrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	fantasticxrm.com login.fantasticxrm.com	864 B
2	fantasticservices.com obfa.fantasticservices.com	59 KB
2	dxr.cloud www.booking.dxr.cloud	6 KB
6	3

	Domain	Requested by
2	login.fantasticxrm.com	obfa.fantasticservices.com
2	obfa.fantasticservices.com	www.booking.dxr.cloud obfa.fantasticservices.com
2	www.booking.dxr.cloud
6	3

This site contains no links.

Subject Issuer	Validity	Valid
booking.dxr.cloud R10	`2024-06-08` - `2024-09-06`	3 months	crt.sh
*.fantasticservices.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-07` - `2024-09-06`	a year	crt.sh
*.fantasticxrm.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-26` - `2024-07-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.booking.dxr.cloud/
Frame ID: B02FEF89ADB4133B2053C1695DC0B37F
Requests: 4 HTTP requests in this frame

Frame: https://obfa.fantasticservices.com/index.html?cache=1721006008387&parentOrigin=https://www.booking.dxr.cloud
Frame ID: 045377E10997DA267A034E74E1DC243D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Booking Form

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

66 kB
Transfer

245 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.booking.dxr.cloud/ 2 KB
1012 B 439ms
80ms Document
text/html 185.107.229.1
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.dxr.cloud/

Protocol

H2

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.107.229.1 , United Kingdom, ASN200418 (UK-DAO, GB),

Reverse DNS

thehuracanfoundation.org

Software

LiteSpeed / ClientsBG

Resource Hash

c4d4b05e58fa8580a6f2de4f61a8c9a1f31272b2495dd6cb8be90f2f978b317d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 674
content-type: text/html
date: Mon, 15 Jul 2024 01:13:27 GMT
last-modified: Wed, 29 May 2024 08:24:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-powered-by: ClientsBG
x-xss-protection: 1; mode=block

GET
H2 200 client.min.js Show response
obfa.fantasticservices.com/client/ 233 KB
59 KB 461ms
78ms Script
application/javascript 185.107.230.14
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL: https://obfa.fantasticservices.com/client/client.min.js?478057
Requested by: Host: www.booking.dxr.cloud
URL: https://www.booking.dxr.cloud/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS: obfa.fantasticservices.com
Software: FantasticWebServer /
Resource Hash: d10e6e9ec1617c25ca74fa8ae70ade7ecfe0f15e375521bac2b6190487604c6c

Request headers

Referer: https://www.booking.dxr.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jul 2024 01:13:28 GMT
content-encoding: br
last-modified: Wed, 03 Jul 2024 11:51:44 GMT
server: FantasticWebServer
etag: W/"66853b50-3a449"
vary: Accept-Encoding
node: FantasticBG01
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 interactions
login.fantasticxrm.com/api/v2/system/ Frame 0
0 355ms
100ms Preflight
application/json 185.34.173.173
VCC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://login.fantasticxrm.com/api/v2/system/interactions

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),

Reverse DNS

login.fantasticxrm.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-application
Access-Control-Request-Method: POST
Origin: https://www.booking.dxr.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build, X-Gateway, X-Vsid, X-Language
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
active_node: node21.fantasticxrm.com
content-encoding: gzip
content-type: application/json; charset=UTF-8
date: Mon, 15 Jul 2024 01:13:28 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

POST
H2 200 interactions Show response
login.fantasticxrm.com/api/v2/system/ 167 B
864 B 116ms
114ms XHR
application/json 185.34.173.173
VCC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://login.fantasticxrm.com/api/v2/system/interactions

Requested by

Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/client/client.min.js?478057

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),

Reverse DNS

login.fantasticxrm.com

Software

nginx /

Resource Hash

24566e09534a477a6e723113e2b16b4c96b15130a4e1c6b80423e85b27de7bf3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Application: 011ubmkb2lzsi477grcisfel49szzncqfzxmjdtcs8cq51k6o46zz9u9r4p4msl8
Referer: https://www.booking.dxr.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Mon, 15 Jul 2024 01:13:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow, noindex, nofollow, nosnippet, noarchive
access-control-allow-headers: Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build, X-Gateway, X-Vsid, X-Language
active_node: node21.fantasticxrm.com
x-xss-protection: 1; mode=block

GET
H2 200 index.html
obfa.fantasticservices.com/ Frame 0453 0
0 234ms
80ms Document
text/html 185.107.230.14
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL: https://obfa.fantasticservices.com/index.html?cache=1721006008387&parentOrigin=https://www.booking.dxr.cloud
Requested by: Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/client/client.min.js?478057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS: obfa.fantasticservices.com
Software: FantasticWebServer /
Resource Hash

Request headers

Referer: https://www.booking.dxr.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Mon, 15 Jul 2024 01:13:28 GMT
etag: W/"66853b50-2691"
last-modified: Wed, 03 Jul 2024 11:51:44 GMT
node: FantasticBG01
server: FantasticWebServer
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, nosnippet, noarchive

GET
H2 404 favicon.ico
www.booking.dxr.cloud/ 10 KB
5 KB 82ms
81ms Other
text/html 185.107.229.1
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.dxr.cloud/favicon.ico

Protocol

H2

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.107.229.1 , United Kingdom, ASN200418 (UK-DAO, GB),

Reverse DNS

thehuracanfoundation.org

Software

LiteSpeed / ClientsBG

Resource Hash

5424db3bd5dedc6a2126e00207286a74e2cf5ffd6df2c91942fc923e83d8505f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.dxr.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 01:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: ClientsBG
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/html
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.booking.dxr.cloud/	1970-01-21 07:39:26	Name: __sosint_uid Value: uvd6c73ypn44lg9ekajsz7862eiclbkagvgfyhxjj0gt0nflwr1msxcr3c0sebee

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.booking.dxr.cloud/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.fantasticxrm.com
obfa.fantasticservices.com
www.booking.dxr.cloud
185.107.229.1
185.107.230.14
185.34.173.173
24566e09534a477a6e723113e2b16b4c96b15130a4e1c6b80423e85b27de7bf3
5424db3bd5dedc6a2126e00207286a74e2cf5ffd6df2c91942fc923e83d8505f
c4d4b05e58fa8580a6f2de4f61a8c9a1f31272b2495dd6cb8be90f2f978b317d
d10e6e9ec1617c25ca74fa8ae70ade7ecfe0f15e375521bac2b6190487604c6c

www.booking.dxr.cloud Open in urlscan Pro 185.107.229.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

66 kBTransfer

245 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

www.booking.dxr.cloud Open in urlscan Pro
185.107.229.1 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

66 kB
Transfer

245 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions