travelool.com Open in urlscan Pro
185.136.91.181 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://booking.travelool.com/
Effective URL:
https://travelool.com/
Submission: On September 18 via automatic, source certstream-suspicious (September 18th 2024, 1:56:50 pm UTC) — Scanned from ES

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 185.136.91.181, located in Spain and belongs to EUSKALTEL, ES. The main domain is travelool.com.
TLS certificate: Issued by R10 on September 9th 2024. Valid for: 3 months.

This is the only time travelool.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.222.42.65 212.222.42.65	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3	185.136.91.181 185.136.91.181	12338 (EUSKALTEL) (EUSKALTEL)
3	1

1 212.222.42.65 (Madrid, Spain) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

booking.travelool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.136.91.181 (Spain)

ASN12338 (EUSKALTEL, ES)
PTR: vps16116.ervers.com

travelool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	travelool.com 1 redirects booking.travelool.com travelool.com	38 KB
3	1

	Domain	Requested by
3	travelool.com	travelool.com
1	booking.travelool.com	1 redirects
3	2

This site contains no links.

Subject Issuer	Validity	Valid
cpcontacts.travelool.com R10	`2024-09-09` - `2024-12-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://travelool.com/
Frame ID: 97355F79D33AB9AC9C217C59923391C5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travelool

Page URL History Show full URLs

https://booking.travelool.com/ HTTP 301
http://travelool.com/ HTTP 307
https://travelool.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

37 kB
Transfer

37 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://booking.travelool.com/ HTTP 301
http://travelool.com/ HTTP 307
https://travelool.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response travelool.com/ Redirect Chain https://booking.travelool.com/ http://travelool.com/ https://travelool.com/	5 KB 5 KB	484ms 378ms	Document text/html	185.136.91.181 EUSKALTEL
General Check archive.org Show headers Download Go to Full URL https://travelool.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.136.91.181 , Spain, ASN12338 (EUSKALTEL, ES), Reverse DNS vps16116.ervers.com Software nginx / Resource Hash `953447daf6ef868b048f329b8b48ae1b5fd4f85e6074c55d3c72b31dae07c0fe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Wed, 18 Sep 2024 13:56:45 GMT link <https://travelool.com/wp-json/>; rel="https://api.w.org/", <https://travelool.com/wp-json/wp/v2/pages/122>; rel="alternate"; title="JSON"; type="application/json", <https://travelool.com/>; rel=shortlink server nginx Redirect headers Location https://travelool.com/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	fondo-mantenimiento-1.jpg travelool.com/wp-content/plugins/mantenimiento-web/frontal/img/	27 KB 27 KB	94ms 94ms	Image image/jpeg	185.136.91.181 EUSKALTEL
General Check archive.org Show headers Download Go to Show image Full URL https://travelool.com/wp-content/plugins/mantenimiento-web/frontal/img/fondo-mantenimiento-1.jpg Requested by Host: travelool.com URL: https://travelool.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.136.91.181 , Spain, ASN12338 (EUSKALTEL, ES), Reverse DNS vps16116.ervers.com Software nginx / Resource Hash `e45fa8108f769391052477a5dd84b86eeeea5e4ead757e62e8fa8930febad1d2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://travelool.com/ Response headers accept-ranges bytes content-length 27859 date Wed, 18 Sep 2024 13:56:45 GMT content-type image/jpeg last-modified Wed, 28 Feb 2024 08:22:00 GMT server nginx
GET H2	200	FAVICON.png travelool.com/wp-content/uploads/2023/02/	4 KB 4 KB	49ms 49ms	Other image/png	185.136.91.181 EUSKALTEL
General Check archive.org Show headers Download Go to Full URL https://travelool.com/wp-content/uploads/2023/02/FAVICON.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.136.91.181 , Spain, ASN12338 (EUSKALTEL, ES), Reverse DNS vps16116.ervers.com Software nginx / Resource Hash `e8e8781fb2a1c00cdc69f87615e897179bf5ded121e7d5289e21befeec7281ad` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://travelool.com/ Response headers accept-ranges bytes content-length 4396 date Wed, 18 Sep 2024 13:56:46 GMT content-type image/png last-modified Tue, 17 Sep 2024 08:09:26 GMT server nginx

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.travelool.com/	1969-12-31 23:59:59	Name: brand Value: 37788
.travelool.com/	1970-01-21 00:42:35	Name: mkt_pref Value: YToxOntzOjEwOiJ0cmFja3BhcmFtIjtzOjM4OiJhJTNBMCUzQSU3QiU3RERBVEFfU0VQQVJBVE9SNDE4OTAyMDk3NyI7fQ%3D%3D
.travelool.com/	1970-01-20 23:59:09	Name: info_localizacion Value: 30200%2Fes%2FEUR%2F
.travelool.com/	1970-01-21 00:42:35	Name: _upfs Value: eyJtYXJrZXRfaWQiOjEsImxhbmdfMSI6ImVzIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.travelool.com
travelool.com
185.136.91.181
212.222.42.65
953447daf6ef868b048f329b8b48ae1b5fd4f85e6074c55d3c72b31dae07c0fe
e45fa8108f769391052477a5dd84b86eeeea5e4ead757e62e8fa8930febad1d2
e8e8781fb2a1c00cdc69f87615e897179bf5ded121e7d5289e21befeec7281ad

travelool.com Open in urlscan Pro 185.136.91.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

37 kBTransfer

37 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

Indicators

travelool.com Open in urlscan Pro
185.136.91.181 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

37 kB
Transfer

37 kB
Size

4
Cookies

3 HTTP transactions
0 data transactions