booking.dxr.cloud - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 185.107.229.1, located in United Kingdom and belongs to UK-DAO, GB. The main domain is booking.dxr.cloud.
TLS certificate: Issued by R10 on August 8th 2024. Valid for: 3 months.

This is the only time booking.dxr.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.107.229.1 185.107.229.1	200418 (UK-DAO) (UK-DAO)
2	185.107.230.14 185.107.230.14	200418 (UK-DAO) (UK-DAO)
2	185.34.173.173 185.34.173.173	60200 (VCC-UK) (VCC-UK)
6	3

2 185.107.229.1 (United Kingdom)

ASN200418 (UK-DAO, GB)
PTR: thehuracanfoundation.org

booking.dxr.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.107.230.14 (United Kingdom)

ASN200418 (UK-DAO, GB)
PTR: obfa.fantasticservices.com

obfa.fantasticservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.34.173.173 (United Kingdom)

ASN60200 (VCC-UK, GB)
PTR: login.fantasticxrm.com

login.fantasticxrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	fantasticxrm.com login.fantasticxrm.com	863 B
2	fantasticservices.com obfa.fantasticservices.com	59 KB
2	dxr.cloud booking.dxr.cloud	6 KB
6	3

	Domain	Requested by
2	login.fantasticxrm.com	obfa.fantasticservices.com
2	obfa.fantasticservices.com	booking.dxr.cloud obfa.fantasticservices.com
2	booking.dxr.cloud
6	3

This site contains no links.

Subject Issuer	Validity	Valid
booking.dxr.cloud R10	`2024-08-08` - `2024-11-06`	3 months	crt.sh
*.fantasticservices.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-07` - `2024-09-06`	a year	crt.sh
*.fantasticxrm.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-23` - `2025-07-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://booking.dxr.cloud/
Frame ID: 7BBED695ED7905E3569CCAE02F71ED43
Requests: 4 HTTP requests in this frame

Frame: https://obfa.fantasticservices.com/index.html?cache=1723685644918&parentOrigin=https://booking.dxr.cloud
Frame ID: F21B6FC01EB63BB46419B86C379DE868
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Booking Form

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

66 kB
Transfer

245 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
booking.dxr.cloud/ 2 KB
1012 B 310ms
74ms Document
text/html 185.107.229.1
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.dxr.cloud/

Protocol

H2

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.107.229.1 , United Kingdom, ASN200418 (UK-DAO, GB),

Reverse DNS

thehuracanfoundation.org

Software

LiteSpeed / ClientsBG

Resource Hash

c4d4b05e58fa8580a6f2de4f61a8c9a1f31272b2495dd6cb8be90f2f978b317d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 674
content-type: text/html
date: Thu, 15 Aug 2024 01:34:04 GMT
last-modified: Wed, 29 May 2024 08:24:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-powered-by: ClientsBG
x-xss-protection: 1; mode=block

GET
H2 200 client.min.js Show response
obfa.fantasticservices.com/client/ 233 KB
59 KB 246ms
71ms Script
application/javascript 185.107.230.14
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL: https://obfa.fantasticservices.com/client/client.min.js?478801
Requested by: Host: booking.dxr.cloud
URL: https://booking.dxr.cloud/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS: obfa.fantasticservices.com
Software: FantasticWebServer /
Resource Hash: 66ee6f90ceaaa736e87d3c6d3d0fb3db09cd00596be3b4389b22331f8b5c1882

Request headers

Referer: https://booking.dxr.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 15 Aug 2024 01:34:04 GMT
content-encoding: br
last-modified: Mon, 22 Jul 2024 13:08:49 GMT
server: FantasticWebServer
etag: W/"669e59e1-3a408"
vary: Accept-Encoding
node: FantasticBG01
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 interactions
login.fantasticxrm.com/api/v2/system/ Frame 0
0 346ms
105ms Preflight
application/json 185.34.173.173
VCC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://login.fantasticxrm.com/api/v2/system/interactions

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),

Reverse DNS

login.fantasticxrm.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-application
Access-Control-Request-Method: POST
Origin: https://booking.dxr.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build, X-Gateway, X-Vsid, X-Language
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
active_node: node21.fantasticxrm.com
content-encoding: gzip
content-type: application/json; charset=UTF-8
date: Thu, 15 Aug 2024 01:34:05 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

POST
H2 200 interactions Show response
login.fantasticxrm.com/api/v2/system/ 167 B
863 B 123ms
121ms XHR
application/json 185.34.173.173
VCC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://login.fantasticxrm.com/api/v2/system/interactions

Requested by

Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/client/client.min.js?478801

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.34.173.173 , United Kingdom, ASN60200 (VCC-UK, GB),

Reverse DNS

login.fantasticxrm.com

Software

nginx /

Resource Hash

b3bf858b7e6753225ba9389b277e45c1c5a205596eb1e59c367b4df0958e0eeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Application: 011ubmkb2lzsi477grcisfel49szzncqfzxmjdtcs8cq51k6o46zz9u9r4p4msl8
Referer: https://booking.dxr.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Thu, 15 Aug 2024 01:34:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow, noindex, nofollow, nosnippet, noarchive
access-control-allow-headers: Content-Type, Accept, Authorization, X-Requested-With, X-Requested-With, X-Client-Token, Application, X-Application, X-Profile, X-Token, X-Client-Profile, X-XSRF-TOKEN, X-Device, X-Hotjar-Id, X-Request-Token, X-Last-Authorization, X-Date, X-Application-Build, X-React-Build, X-Gateway, X-Vsid, X-Language
active_node: node21.fantasticxrm.com
x-xss-protection: 1; mode=block

GET
H2 200 index.html
obfa.fantasticservices.com/ Frame F21B 0
0 210ms
69ms Document
text/html 185.107.230.14
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL: https://obfa.fantasticservices.com/index.html?cache=1723685644918&parentOrigin=https://booking.dxr.cloud
Requested by: Host: obfa.fantasticservices.com
URL: https://obfa.fantasticservices.com/client/client.min.js?478801
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.107.230.14 , United Kingdom, ASN200418 (UK-DAO, GB),
Reverse DNS: obfa.fantasticservices.com
Software: FantasticWebServer /
Resource Hash

Request headers

Referer: https://booking.dxr.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Aug 2024 01:34:05 GMT
etag: W/"66b45c7a-2691"
last-modified: Thu, 08 Aug 2024 05:49:46 GMT
node: FantasticBG01
server: FantasticWebServer
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, nosnippet, noarchive

GET
H2 404 favicon.ico
booking.dxr.cloud/ 10 KB
5 KB 74ms
73ms Other
text/html 185.107.229.1
UK-DAO

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.dxr.cloud/favicon.ico

Protocol

H2

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.107.229.1 , United Kingdom, ASN200418 (UK-DAO, GB),

Reverse DNS

thehuracanfoundation.org

Software

LiteSpeed / ClientsBG

Resource Hash

3ef7ab70038bd9e48e5878bb6198f5c533805cd1da70c20167bdd8e314f31ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://booking.dxr.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 01:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: ClientsBG
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/html
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			booking.dxr.cloud/	1970-01-21 08:24:05	Name: __sosint_uid Value: ozar5fnw5suicno2tp8n1olrwe2r2maw665b372ch1hz4x61wcqj8njxjei1dw3i

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://booking.dxr.cloud/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.dxr.cloud
login.fantasticxrm.com
obfa.fantasticservices.com
185.107.229.1
185.107.230.14
185.34.173.173
3ef7ab70038bd9e48e5878bb6198f5c533805cd1da70c20167bdd8e314f31ff6
66ee6f90ceaaa736e87d3c6d3d0fb3db09cd00596be3b4389b22331f8b5c1882
b3bf858b7e6753225ba9389b277e45c1c5a205596eb1e59c367b4df0958e0eeb
c4d4b05e58fa8580a6f2de4f61a8c9a1f31272b2495dd6cb8be90f2f978b317d

booking.dxr.cloud Open in urlscan Pro 185.107.229.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

66 kBTransfer

245 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

booking.dxr.cloud Open in urlscan Pro
185.107.229.1 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

66 kB
Transfer

245 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions