flightsearch.trava.co Open in urlscan Pro
159.69.140.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://support.flightsearch.trava.co/
Effective URL:
https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
Submission: On June 14 via automatic, source certstream-suspicious (June 14th 2023, 6:08:56 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 159.69.140.59, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is flightsearch.trava.co.
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.

This is the only time flightsearch.trava.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	159.69.140.59 159.69.140.59	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6812:1df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

7 159.69.140.59 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: flightsearch.traveknowledgy.com

support.flightsearch.trava.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flightsearch.trava.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1df3 (United States)

ASN13335 (CLOUDFLARENET, US)

unicons.iconscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	trava.co 1 redirects support.flightsearch.trava.co flightsearch.trava.co	10 MB
2	iconscout.com unicons.iconscout.com — Cisco Umbrella Rank: 76752	13 KB
8	2

	Domain	Requested by
6	flightsearch.trava.co	flightsearch.trava.co
2	unicons.iconscout.com	flightsearch.trava.co
1	support.flightsearch.trava.co	1 redirects
8	3

This site contains no links.

Subject Issuer	Validity	Valid
flightsearch.trava.co R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
Frame ID: 6C12D1C23E4D06638A8B7C1079E72181
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FlightSearch - Traveknowledgy

Page URL History Show full URLs

https://support.flightsearch.trava.co/ HTTP 302
https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

10159 kB
Transfer

38120 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://support.flightsearch.trava.co/ HTTP 302
https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
flightsearch.trava.co/en-GB/login/
Redirect Chain

https://support.flightsearch.trava.co/
https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F

2 KB
2 KB

35ms
18ms

Document
text/html

159.69.140.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.140.59 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

flightsearch.traveknowledgy.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4e572a6a180f3813aabf9a1b74eb9432d89a4b6ea51923f4a751fdc70b283b17

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Jun 2023 18:08:48 GMT
Expires: -1
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 14 Jun 2023 18:08:47 GMT
Location: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
Server: nginx/1.18.0 (Ubuntu)
X-XSS-Protection: 1; mode=block

GET
H2 200 line.css
unicons.iconscout.com/release/v4.0.0/css/ 57 KB
10 KB 69ms
28ms Stylesheet
text/css 2606:4700::6812:1df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unicons.iconscout.com/release/v4.0.0/css/line.css
Requested by: Host: flightsearch.trava.co
URL: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61b7b24020789a0b18782eb7a9236d863777dacdbdc5960555b7cfe17768e370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flightsearch.trava.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:08:48 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 2ZCNADMAQA2RPWJX
age: 815420
cf-polished: origSize=66419
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zFnAYZ9toZWJz8OkZOYdZbQXv1csK4Rc2q0RACxaMw2oBhoqropY9AZ59fSunfbecbTZdZQXqlo=
cf-bgj: minify
last-modified: Thu, 20 May 2021 04:30:22 GMT
server: cloudflare
etag: W/"accdbde3b79ab05345137cafe7201b9d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d74854c8c2e994e-FRA
expires: Thu, 13 Jun 2024 18:08:48 GMT

GET
H2 200 solid.css
unicons.iconscout.com/release/v4.0.0/css/ 10 KB
2 KB 69ms
29ms Stylesheet
text/css 2606:4700::6812:1df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unicons.iconscout.com/release/v4.0.0/css/solid.css
Requested by: Host: flightsearch.trava.co
URL: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9529d1233210ebc921f6d64613b8244241b851e86f9832abdc6f4ace91ad94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flightsearch.trava.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:08:48 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HXMEMRQ4TN91EQMV
age: 782237
cf-polished: origSize=12369
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dIOhSSssbrjZME0/Wccf6YLdhD1D/cYfW9uHYw6dreGHFsOUZs+1SBJNkv+aa9FbqrR6ct3vQxI=
cf-bgj: minify
last-modified: Thu, 20 May 2021 04:30:22 GMT
server: cloudflare
etag: W/"1e1e6afe1c28326635332439630fa033"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d74854c8c2f994e-FRA
expires: Thu, 13 Jun 2024 18:08:48 GMT

GET
H/1.1 200
OK styles.css
flightsearch.trava.co/content/css/ 1 MB
274 KB 26ms
26ms Stylesheet
text/css 159.69.140.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://flightsearch.trava.co/content/css/styles.css?v=-SMx-UGr6Tyjl14eHfUKf2zgQCmkgL0x1nJrMD6zvis

Requested by

Host: flightsearch.trava.co
URL: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.140.59 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

flightsearch.traveknowledgy.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f92331f941abe93ca3975e1e1df50a7f6ce04029a480bd31d6726b303eb3be2b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 18:08:48 GMT
Content-Encoding: br
Last-Modified: Wed, 14 Jun 2023 15:21:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1d99ed3e59648d6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icons.svg
flightsearch.trava.co/content/img/ 112 KB
112 KB 33ms
20ms Image
image/svg+xml 159.69.140.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flightsearch.trava.co/content/img/icons.svg?v=Kutq0DNLzOTJZUgV6zMRHmIrXJxdWaTgBabkpuoQV_I

Requested by

Host: flightsearch.trava.co
URL: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.140.59 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

flightsearch.traveknowledgy.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2aeb6ad0334bcce4c9654815eb33111e622b5c9c5d59a4e005a6e4a6ea1057f2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 18:08:48 GMT
Last-Modified: Wed, 14 Jun 2023 15:21:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1d99ed3e582b1ec"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114284
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK trava.png
flightsearch.trava.co/content/img/logo/ 36 KB
36 KB 34ms
18ms Image
image/png 159.69.140.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flightsearch.trava.co/content/img/logo/trava.png

Requested by

Host: flightsearch.trava.co
URL: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.140.59 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

flightsearch.traveknowledgy.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

01dac27d6933ef066aec71a20a25fc2a132773da45a51b84d13fee10fcb23b45

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 18:08:48 GMT
Last-Modified: Wed, 14 Jun 2023 15:21:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1d99ed3e58380b4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36660
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK application-built.js Show response
flightsearch.trava.co/scripts/libs/require-js/ 36 MB
9 MB 34ms
21ms Script
application/javascript 159.69.140.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://flightsearch.trava.co/scripts/libs/require-js/application-built.js?v=yCApZviw7HwF5bxnHeaUBtB1H5C2S2KOfPycM7LEN3c

Requested by

Host: flightsearch.trava.co
URL: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.140.59 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

flightsearch.traveknowledgy.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c8202966f8b0ec7c05e5bc671de69406d0751f90b64b628e7cfc9c33b2c43777

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 18:08:48 GMT
Content-Encoding: br
Last-Modified: Wed, 14 Jun 2023 15:21:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1d99ed3e7b9d4bd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK settings Show response
flightsearch.trava.co/en-GB/app-api/ 6 KB
3 KB 344ms
344ms XHR
application/json 159.69.140.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://flightsearch.trava.co/en-GB/app-api/settings

Requested by

Host: flightsearch.trava.co
URL: https://flightsearch.trava.co/scripts/libs/require-js/application-built.js?v=yCApZviw7HwF5bxnHeaUBtB1H5C2S2KOfPycM7LEN3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.140.59 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

flightsearch.traveknowledgy.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

64693a95619af040af2d8b4bf8048c9a686f50dc53b95323f0d4e51c68f4caa4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 18:08:49 GMT
Content-Encoding: br
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: -1

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://flightsearch.trava.co/en-GB/login/?returnUrl=http%3A%2F%2Fsupport.flightsearch.trava.co%2F Message: The resource https://flightsearch.trava.co/content/img/icons.svg?v=Kutq0DNLzOTJZUgV6zMRHmIrXJxdWaTgBabkpuoQV_I was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

flightsearch.trava.co
support.flightsearch.trava.co
unicons.iconscout.com
159.69.140.59
2606:4700::6812:1df3
01dac27d6933ef066aec71a20a25fc2a132773da45a51b84d13fee10fcb23b45
2aeb6ad0334bcce4c9654815eb33111e622b5c9c5d59a4e005a6e4a6ea1057f2
4e572a6a180f3813aabf9a1b74eb9432d89a4b6ea51923f4a751fdc70b283b17
61b7b24020789a0b18782eb7a9236d863777dacdbdc5960555b7cfe17768e370
64693a95619af040af2d8b4bf8048c9a686f50dc53b95323f0d4e51c68f4caa4
c8202966f8b0ec7c05e5bc671de69406d0751f90b64b628e7cfc9c33b2c43777
ea9529d1233210ebc921f6d64613b8244241b851e86f9832abdc6f4ace91ad94
f92331f941abe93ca3975e1e1df50a7f6ce04029a480bd31d6726b303eb3be2b

flightsearch.trava.co Open in urlscan Pro 159.69.140.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

10159 kBTransfer

38120 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

flightsearch.trava.co Open in urlscan Pro
159.69.140.59 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

10159 kB
Transfer

38120 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions