URL: https://www.booking.dxr.cloud/
Submission: On February 10 via automatic, source certstream-suspicious — Scanned from GB

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 185.107.229.1, located in United Kingdom and belongs to UK-DAO, GB. The main domain is www.booking.dxr.cloud.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 10th 2023. Valid for: a year.
This is the only time www.booking.dxr.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                      Requested by
10        obfa.fantasticservices.com  www.booking.dxr.cloud, obfa.fantasticservices.com
4         login.fantasticxrm.com      obfa.fantasticservices.com
2         www.googletagmanager.com    www.booking.dxr.cloud, www.googletagmanager.com
2         sentry.serviceos.app        obfa.fantasticservices.com
1         content.hotjar.io           obfa.fantasticservices.com
1         in.hotjar.com               obfa.fantasticservices.com
1         vars.hotjar.com             static.hotjar.com
1         script.hotjar.com           static.hotjar.com
1         www.google-analytics.com    www.googletagmanager.com
1         static.hotjar.com           www.booking.dxr.cloud
1         www.booking.dxr.cloud
25        (11 subdomains in total)

This site contains no links.

Subject                  Issuer                                          Validity                 Valid     Source
booking.dxr.cloud        Sectigo RSA Domain Validation Secure Server CA  2023-02-10 - 2024-02-10  a year    crt.sh
*.fantasticservices.com  Sectigo RSA Domain Validation Secure Server CA  2022-07-13 - 2023-08-12  a year    crt.sh
sentry.serviceos.app     R3                                              2022-12-29 - 2023-03-29  3 months  crt.sh
*.fantasticxrm.com       Sectigo RSA Domain Validation Secure Server CA  2022-06-21 - 2023-07-21  a year    crt.sh
*.google-analytics.com   GTS CA 1C3                                      2023-01-31 - 2023-04-25  3 months  crt.sh
*.hotjar.com             Amazon                                          2022-10-25 - 2023-11-23  a year    crt.sh
*.hotjar.io              Amazon                                          2022-11-28 - 2023-12-26  a year    crt.sh

This page contains 3 frames:

Primary Page: https://www.booking.dxr.cloud/
Frame ID: 3D527C3279E8FD059774EDDCE600660D
Requests: 2 HTTP requests in this frame

Frame: https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Frame ID: 82947B8F4B06218F26B2CFD77BE64A04
Requests: 20 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: BF50D587122259A06CA85D10441151A9
Requests: 1 HTTP request in this frame

Page Title

Online Booking Form

Detected technologies

Google Analytics (overall confidence: 100%)
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Hotjar (overall confidence: 100%)
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 18 %
Domains: 8
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 1395 kB
Size: 6283 kB
Cookies: 0

25 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | www.booking.dxr.cloud/ | 2 KB | 1002 B | Document
General
Full URL
https://www.booking.dxr.cloud/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.107.229.1 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
thehuracanfoundation.org
Software
LiteSpeed / ClientsBG
Resource Hash
6bf22fd80daf5bddf9caa344ffb9f7eb10761d4ef4c3a36cdf0cfde85b5ff118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
664
content-type
text/html
date
Fri, 10 Feb 2023 15:48:51 GMT
last-modified
Mon, 24 Aug 2020 11:27:32 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-powered-by
ClientsBG
x-xss-protection
1; mode=block

client.min.js | obfa.fantasticservices.com/client/ | 199 KB | 55 KB | Script
General
Full URL
https://obfa.fantasticservices.com/client/client.min.js?465567
Requested by
Host: www.booking.dxr.cloud
URL: https://www.booking.dxr.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
ed6a2c6d56879d1c31b37a8a0f1fc17899de7e9099e527dae7d27cf95927dd75

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.booking.dxr.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Fri, 10 Feb 2023 15:48:51 GMT
content-encoding
br
last-modified
Thu, 09 Feb 2023 09:31:30 GMT
server
FantasticWebServer
etag
W/"63e4bd72-31d70"
vary
Accept-Encoding
node
FantasticBG01
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
expires
Thu, 31 Dec 2037 23:55:55 GMT

index.html | obfa.fantasticservices.com/ Frame 8294 | 9 KB | 3 KB | Document
General
Full URL
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/client/client.min.js?465567
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
0cad50a790b08032cb93aa558421f2bcf852e981b550ede86b6859f92d41323c

Request headers

Referer
https://www.booking.dxr.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Fri, 10 Feb 2023 15:48:52 GMT
etag
W/"63e4bd72-22a2"
last-modified
Thu, 09 Feb 2023 09:31:30 GMT
node
FantasticBG01
server
FantasticWebServer
vary
Accept-Encoding
x-robots-tag
noindex, nofollow, nosnippet, noarchive

runtime-es2015.48b7493711cbbbc63c6a.js | obfa.fantasticservices.com/ Frame 8294 | 4 KB | 2 KB | Script
General
Full URL
https://obfa.fantasticservices.com/runtime-es2015.48b7493711cbbbc63c6a.js
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
ecf9567e0c013ffaf9f44aca9e3f9d8561281cd1ff5bad5aa420f74f30eeea79

Request headers

Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Origin
https://obfa.fantasticservices.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Fri, 10 Feb 2023 15:48:52 GMT
content-encoding
br
last-modified
Thu, 09 Feb 2023 09:31:31 GMT
server
FantasticWebServer
etag
W/"63e4bd73-fe7"
vary
Accept-Encoding
node
FantasticBG01
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
expires
Thu, 31 Dec 2037 23:55:55 GMT

polyfills-es2015.ff5296b4ab08481b8ddb.js | obfa.fantasticservices.com/ Frame 8294 | 92 KB | 29 KB | Script
General
Full URL
https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
fb55f0f93f208d54a7528742060c940e24abaec59f71d81d09907365d1e29cb2

Request headers

Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Origin
https://obfa.fantasticservices.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Fri, 10 Feb 2023 15:48:52 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2022 11:51:08 GMT
server
FantasticWebServer
etag
W/"6399b8ac-17102"
vary
Accept-Encoding
node
FantasticBG01
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
expires
Thu, 31 Dec 2037 23:55:55 GMT

scripts.ee1b71699b3980922c02.js | obfa.fantasticservices.com/ Frame 8294 | 4 KB | 2 KB | Script
General
Full URL
https://obfa.fantasticservices.com/scripts.ee1b71699b3980922c02.js
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
5d448bd9d4204c3c90477013090baacdbb96a41c6b2510832825cc2d60f7bc9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Fri, 10 Feb 2023 15:48:52 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2022 11:51:08 GMT
server
FantasticWebServer
etag
W/"6399b8ac-f1a"
vary
Accept-Encoding
node
FantasticBG01
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
expires
Thu, 31 Dec 2037 23:55:55 GMT

main-es2015.363ed5dd8609e2376392.js | obfa.fantasticservices.com/ Frame 8294 | 5 MB | 971 KB | Script
General
Full URL
https://obfa.fantasticservices.com/main-es2015.363ed5dd8609e2376392.js
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
62c84d3acceaff213b00583a9e033192fa7265c1c55d8e7f45f778432d9459f3

Request headers

Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Origin
https://obfa.fantasticservices.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Fri, 10 Feb 2023 15:48:52 GMT
content-encoding
br
last-modified
Thu, 09 Feb 2023 09:31:30 GMT
server
FantasticWebServer
etag
W/"63e4bd72-4aecf6"
vary
Accept-Encoding
node
FantasticBG01
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
expires
Thu, 31 Dec 2037 23:55:55 GMT

styles.45318e6d508d29f4e5e6.css | obfa.fantasticservices.com/ Frame 8294 | 200 KB | 45 KB | Stylesheet
General
Full URL
https://obfa.fantasticservices.com/styles.45318e6d508d29f4e5e6.css
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
7de7b6f44dbe2c874e45062716c7bbe0f894a2ac4e661cfd512c82e0da5a9b19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Fri, 10 Feb 2023 15:48:52 GMT
content-encoding
br
last-modified
Wed, 05 Oct 2022 13:52:26 GMT
server
FantasticWebServer
etag
W/"633d8c1a-32068"
vary
Accept-Encoding
node
FantasticBG01
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
expires
Thu, 31 Dec 2037 23:55:55 GMT

/ | sentry.serviceos.app/api/2/envelope/ Frame 8294 | 2 B | 349 B | Fetch
General
Full URL
https://sentry.serviceos.app/api/2/envelope/?sentry_key=0537563e4f70471d80dd61a2650d7aaf&sentry_version=7
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.174.181 , United Kingdom, ASN60200 (VCC-UK, GB),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://obfa.fantasticservices.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 10 Feb 2023 15:48:53 GMT
Strict-Transport-Security
max-age=31536000
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://obfa.fantasticservices.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
Connection
close
Content-Length
2

get-ip.php | obfa.fantasticservices.com/ Frame 8294 | 31 B | 204 B | XHR
General
Full URL
https://obfa.fantasticservices.com/get-ip.php
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
3e7420ac470813451bf1488ed4104ae6174bee3dac0d3080ee65f9f3f434652b

Request headers

Accept
application/json, text/plain, */*
Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:48:53 GMT
content-encoding
br
server
FantasticWebServer
x-robots-tag
noindex, nofollow, nosnippet, noarchive
vary
Accept-Encoding
node
FantasticBG01
content-type
text/html; charset=UTF-8

server_time | login.fantasticxrm.com/api/v2.2/shared/ Frame 8294 | 66 B | 765 B | XHR
General
Full URL
https://login.fantasticxrm.com/api/v2.2/shared/server_time
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),
Reverse DNS
login.fantasticxrm.com
Software
nginx /
Resource Hash
c92e8bab1414e263230ab05b1831393a745ccbef04efc052ee3960864ebd0c62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-Application
011ubmkb2lzsi477grcisfel49szzncqfzxmjdtcs8cq51k6o46zz9u9r4p4msl8
Referer
https://obfa.fantasticservices.com/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
X-Profile
2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 10 Feb 2023 15:48:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow, noindex, nofollow, nosnippet, noarchive
access-control-allow-headers
Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build
active_node
node21.fantasticxrm.com
x-xss-protection
1; mode=block

server_time | login.fantasticxrm.com/api/v2.2/shared/ Frame | 0 | 0 | Preflight
General
Full URL
https://login.fantasticxrm.com/api/v2.2/shared/server_time
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),
Reverse DNS
login.fantasticxrm.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-application,x-profile,x-requested-with
Access-Control-Request-Method
GET
Origin
https://obfa.fantasticservices.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
*
active_node
node21.fantasticxrm.com
content-encoding
gzip
content-type
application/json; charset=UTF-8
date
Fri, 10 Feb 2023 15:48:53 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block

hash-check.php | obfa.fantasticservices.com/ Frame 8294 | 27 B | 197 B | XHR
General
Full URL
https://obfa.fantasticservices.com/hash-check.php?api_url=https://login.fantasticxrm.com/api/v2.2/&api_profile=2&api_application=011ubmkb2lzsi477grcisfel49szzncqfzxmjdtcs8cq51k6o46zz9u9r4p4msl8&fingerprint=undefined
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
58fcea433003c2979102306ec72f873ac11bd45f8eeeecaa5904582dd75fd9ee

Request headers

Accept
application/json, text/plain, */*
Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:48:53 GMT
content-encoding
br
server
FantasticWebServer
x-robots-tag
noindex, nofollow, nosnippet, noarchive
vary
Accept-Encoding
node
FantasticBG01
content-type
text/html; charset=UTF-8

version_manifest.json | obfa.fantasticservices.com/ Frame 8294 | 21 B | 215 B | XHR
General
Full URL
https://obfa.fantasticservices.com/version_manifest.json
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS
obfa.fantasticservices.com
Software
FantasticWebServer /
Resource Hash
a2d0e2a558c10a47c34e5a382df6419564563f52390974a98ec630b88fd744c1

Request headers

Accept
application/json, text/plain, */*
Referer
https://obfa.fantasticservices.com/index.html?cache=1676044132228&parentOrigin=https://www.booking.dxr.cloud
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:48:53 GMT
last-modified
Fri, 10 Feb 2023 15:48:49 GMT
server
FantasticWebServer
etag
"63e66761-15"
node
FantasticBG01
content-type
application/json
accept-ranges
bytes
x-robots-tag
noindex, nofollow, nosnippet, noarchive
content-length
21

client | login.fantasticxrm.com/api/v2.2/ Frame 8294 | 118 KB | 33 KB | XHR
General
Full URL
https://login.fantasticxrm.com/api/v2.2/client
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),
Reverse DNS
login.fantasticxrm.com
Software
nginx /
Resource Hash
91606399662fb21a7ae6b8e953dfc1061b0171d14b7d0b1ce372581e58eb4435
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-Application
011ubmkb2lzsi477grcisfel49szzncqfzxmjdtcs8cq51k6o46zz9u9r4p4msl8
Referer
https://obfa.fantasticservices.com/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
X-Profile
2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 10 Feb 2023 15:48:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow, noindex, nofollow, nosnippet, noarchive
access-control-allow-headers
Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build
active_node
node21.fantasticxrm.com
x-xss-protection
1; mode=block

client | login.fantasticxrm.com/api/v2.2/ Frame | 0 | 0 | Preflight
General
Full URL
https://login.fantasticxrm.com/api/v2.2/client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),
Reverse DNS
login.fantasticxrm.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-application,x-profile,x-requested-with
Access-Control-Request-Method
POST
Origin
https://obfa.fantasticservices.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
*
active_node
node21.fantasticxrm.com
content-encoding
gzip
content-type
application/json; charset=UTF-8
date
Fri, 10 Feb 2023 15:48:53 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block

/ | sentry.serviceos.app/api/2/envelope/ Frame 8294 | 41 B | 389 B | Fetch
General
Full URL
https://sentry.serviceos.app/api/2/envelope/?sentry_key=0537563e4f70471d80dd61a2650d7aaf&sentry_version=7
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.174.181 , United Kingdom, ASN60200 (VCC-UK, GB),
Reverse DNS
Software
nginx /
Resource Hash
ab265e265afb7493a686c7eaad5ca63b917c9becea45aae719709377a62ffb1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://obfa.fantasticservices.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 10 Feb 2023 15:48:54 GMT
Strict-Transport-Security
max-age=31536000
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://obfa.fantasticservices.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
Connection
close
Content-Length
41

gtm.js | www.googletagmanager.com/ Frame 8294 | 321 KB | 83 KB | Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6QPHSJ
Requested by
Host: www.booking.dxr.cloud
URL: https://www.booking.dxr.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
855b81eb7a6da071b81b454d515ff8c5ca1ce4f02c8781253576e1e1c91db789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://obfa.fantasticservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:48:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84885
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Feb 2023 15:48:54 GMT

hotjar-1243610.js | static.hotjar.com/c/ Frame 8294 | 8 KB | 4 KB | Script
General
Full URL
https://static.hotjar.com/c/hotjar-1243610.js?sv=6
Requested by
Host: www.booking.dxr.cloud
URL: https://www.booking.dxr.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
/
Resource Hash
0fb5d5b3d8d2a291adac796acee7c40717aec7aac00262c932f2a8ec01b6fc11
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://obfa.fantasticservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 10 Feb 2023 15:48:54 GMT
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
7
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/5709da188e86c1472047d59ca3c87036
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
Q3Q0DRRTa-GyOuhlXspiUcf7AQdOTg3v3wOybH-nLp70Z1L-uqYmNQ==

analytics.js | www.google-analytics.com/ Frame 8294 | 49 KB | 20 KB | Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QPHSJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://obfa.fantasticservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Feb 2023 15:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2208
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 10 Feb 2023 17:12:06 GMT

js | www.googletagmanager.com/gtag/ Frame 8294 | 218 KB | 76 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KVEN18EWCT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QPHSJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2ddba7fa6e8ca3873b7731702b384d844d31517e118af1f120a0913c0718720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://obfa.fantasticservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:48:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77939
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 Feb 2023 15:48:54 GMT

modules.08d4f065a7a29306a4f1.js | script.hotjar.com/ Frame 8294 | 261 KB | 67 KB | Script
General
Full URL
https://script.hotjar.com/modules.08d4f065a7a29306a4f1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1243610.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
4cd4aaecdabe71bda5b5c1f56b18aa7934f2923963b860cc1875f7e85e7c9f97
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://obfa.fantasticservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 14:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
3288
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68067
last-modified
Fri, 10 Feb 2023 14:53:53 GMT
etag
"92a0e284b398aa5019198b4c945d2414"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
bp6ydKrzVNvDLkEK1hJdHGm2LygRzD9EXCYARUEi0wvUGcxb5EFqvg==
box-e031119f9e9e307a08fa610f85dbfb52.html
vars.hotjar.com/ Frame BF50
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1243610.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://obfa.fantasticservices.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
614329
cache-control
max-age=31536000
content-encoding
br
content-length
1034
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:10:06 GMT
etag
"112fdf47cdb80b9ce3d033ed09717460"
last-modified
Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-id
5VHr86UTmejqXnpMaps19617UZmfJ2ZtaYXhpqd9_y0r6WgF_BBaWA==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/1243610/ Frame 8294
147 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1243610/visit-data?sv=6
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.60.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7622f903aea5ca12c0cedd665448ad8496c4c9b954f42768c55f1a011897797b

Request headers

Referer
https://obfa.fantasticservices.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 10 Feb 2023 15:48:55 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
content.hotjar.io/ Frame 8294
0
0
XHR
General
Full URL
https://content.hotjar.io/
Requested by
Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/polyfills-es2015.ff5296b4ab08481b8ddb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.123.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://obfa.fantasticservices.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 10 Feb 2023 15:48:55 GMT
content-length
56
vary
Origin
content-type
application/json

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
boolean | credentialless
object | oncontentvisibilityautostatechange
object | obfOptions
function | async
object | webpackChunkobf_client_typescript_webpack
object | obfClientSDK

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.hotjar.io
in.hotjar.com
login.fantasticxrm.com
obfa.fantasticservices.com
script.hotjar.com
sentry.serviceos.app
static.hotjar.com
vars.hotjar.com
www.booking.dxr.cloud
www.google-analytics.com
www.googletagmanager.com
13.32.27.21
13.32.27.7
143.204.215.118
185.107.229.1
185.107.230.14
185.34.173.173
185.34.174.181
2a00:1450:400d:806::200e
2a00:1450:400d:808::2008
34.252.123.111
54.76.60.173
0cad50a790b08032cb93aa558421f2bcf852e981b550ede86b6859f92d41323c
0fb5d5b3d8d2a291adac796acee7c40717aec7aac00262c932f2a8ec01b6fc11
3e7420ac470813451bf1488ed4104ae6174bee3dac0d3080ee65f9f3f434652b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cd4aaecdabe71bda5b5c1f56b18aa7934f2923963b860cc1875f7e85e7c9f97
58fcea433003c2979102306ec72f873ac11bd45f8eeeecaa5904582dd75fd9ee
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d448bd9d4204c3c90477013090baacdbb96a41c6b2510832825cc2d60f7bc9d
62c84d3acceaff213b00583a9e033192fa7265c1c55d8e7f45f778432d9459f3
6bf22fd80daf5bddf9caa344ffb9f7eb10761d4ef4c3a36cdf0cfde85b5ff118
7622f903aea5ca12c0cedd665448ad8496c4c9b954f42768c55f1a011897797b
7de7b6f44dbe2c874e45062716c7bbe0f894a2ac4e661cfd512c82e0da5a9b19
855b81eb7a6da071b81b454d515ff8c5ca1ce4f02c8781253576e1e1c91db789
91606399662fb21a7ae6b8e953dfc1061b0171d14b7d0b1ce372581e58eb4435
a2d0e2a558c10a47c34e5a382df6419564563f52390974a98ec630b88fd744c1
ab265e265afb7493a686c7eaad5ca63b917c9becea45aae719709377a62ffb1c
c92e8bab1414e263230ab05b1831393a745ccbef04efc052ee3960864ebd0c62
e2ddba7fa6e8ca3873b7731702b384d844d31517e118af1f120a0913c0718720
ecf9567e0c013ffaf9f44aca9e3f9d8561281cd1ff5bad5aa420f74f30eeea79
ed6a2c6d56879d1c31b37a8a0f1fc17899de7e9099e527dae7d27cf95927dd75
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
fb55f0f93f208d54a7528742060c940e24abaec59f71d81d09907365d1e29cb2