urlscan.io logo urlscan.io
SecurityTrails logo

aerotour.su Open in urlscan Pro
91.220.146.220  Public Scan

Go To Rescan Add Verdict Report
URL: http://aerotour.su/
Submission Tags: ae su 💩 ru l4ing mass h8 Search All
Submission: On January 21 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 91.220.146.220, located in St Petersburg, Russian Federation and belongs to SKYTEL-AS, RU. The main domain is aerotour.su.
This is the only time aerotour.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 91.220.146.220 205998 (SKYTEL-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 85.119.149.237 49505 (SELECTEL)
2 2a00:1450:400... 15169 (GOOGLE)
8 5
Apex Domain
Subdomains		 Transfer
3 nemo.travel
cdn.nemo.travel
geodata.nemo.travel
182 KB
2 gstatic.com
fonts.gstatic.com
70 KB
2 aerotour.su
aerotour.su
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
8 4
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.nemo.travel aerotour.su
2 aerotour.su aerotour.su
1 geodata.nemo.travel cdn.nemo.travel
1 fonts.googleapis.com aerotour.su
8 5

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.nemo.travel
AlphaSSL CA - SHA256 - G2		 2022-03-05 -
2023-04-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://aerotour.su/
Frame ID: 761BF4DAFD1B003814DFBADB823C365B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Главная - MODX Revolution

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

75 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

265 kB
Transfer

695 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
aerotour.su/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://aerotour.su/
Protocol
HTTP/1.0
Server
91.220.146.220 St Petersburg, Russian Federation, ASN205998 (SKYTEL-AS, RU),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
305141e4f524344f13ee94eeef1b444c42efa0117a8a016ea785c743601363cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Jan 2023 16:43:06 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.4.10 (Debian)
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&subset=cyrillic
Requested by
Host: aerotour.su
URL: http://aerotour.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8237cf50fab2c9b062a6fc6e3b5eb813724bfae894bbdb5cea24ff83adb480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://aerotour.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Jan 2023 16:43:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Jan 2023 16:43:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Jan 2023 16:43:06 GMT
flights.search.widget.min.css
cdn.nemo.travel/search-form/v2.5.22/ 		96 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.nemo.travel/search-form/v2.5.22/flights.search.widget.min.css
Requested by
Host: aerotour.su
URL: http://aerotour.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.119.149.237 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
362f4e9e1dcbd39d5809c454688c57898ca2a528e0c9acfa7f2f2e016dace19d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://aerotour.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 16:39:33 GMT
content-encoding
gzip
last-modified
Mon, 17 Sep 2018 17:55:00 GMT
server
nginx
etag
W/"5b9fea74-17f3e"
content-type
text/css
style.css
aerotour.su/assets/css/ 		2 KB
950 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://aerotour.su/assets/css/style.css
Requested by
Host: aerotour.su
URL: http://aerotour.su/
Protocol
HTTP/1.0
Server
91.220.146.220 St Petersburg, Russian Federation, ASN205998 (SKYTEL-AS, RU),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
880e58e8a7e3094e081c34f204ecbf39127efe1f1d2a1e434cbaba34691c25b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://aerotour.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 16:43:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jul 2019 14:39:52 GMT
Server
Apache/2.4.10 (Debian)
ETag
"75c-58efb191d2122-gzip"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
674
flights.search.widget.min.js
cdn.nemo.travel/search-form/v2.5.22/ 		505 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nemo.travel/search-form/v2.5.22/flights.search.widget.min.js
Requested by
Host: aerotour.su
URL: http://aerotour.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.119.149.237 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
3909dbcd7c97a83bb318b4e4c15208b3d605c0d53d04473d5d275cf6a7959967

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://aerotour.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 16:39:33 GMT
content-encoding
gzip
last-modified
Mon, 17 Sep 2018 17:55:00 GMT
server
nginx
etag
W/"5b9fea74-7e27d"
content-type
application/javascript
LED
geodata.nemo.travel/api/guide/airports/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geodata.nemo.travel/api/guide/airports/LED?apilang=ru
Requested by
Host: cdn.nemo.travel
URL: https://cdn.nemo.travel/search-form/v2.5.22/flights.search.widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.119.149.237 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
efc3402ac188cab9fb5dc0525df7e3202f166fe913eb1b777b641cb43af1d6cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://aerotour.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 16:39:33 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=utf-8
access-control-allow-origin
http://aerotour.su
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/ 		767 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf0238a96c069719b2dd26953e20d5f61688d41e58ef04c99e99f08dc05e1445

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://aerotour.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 19:02:01 GMT
x-content-type-options
nosniff
age
423666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 19:02:01 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aefc29e5e8fd2cd6601112e0c7be778fc5331c4f74f42bb14323194e2fc72af6

Request headers

Referer
Origin
http://aerotour.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
application/font-woff
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://aerotour.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:22 GMT
x-content-type-options
nosniff
age
323625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:22 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| setImmediate function| clearImmediate object| __core-js_shared__ object| FlightsSearchWidget object| today string| month string| todayIsoStr

1 Cookies

Domain/Path Name / Value
aerotour.su/ Name: PHPSESSID
Value: gppvl1nlauc1767rnnvgvbqaa3