urlscan.io logo urlscan.io
SecurityTrails logo

booking.avialook.aero Open in urlscan Pro
37.200.71.162  Public Scan

Go To Rescan Add Verdict Report
URL: https://booking.avialook.aero/
Submission: On May 16 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 37.200.71.162, located in Moscow, Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is booking.avialook.aero.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on March 24th 2023. Valid for: a year.
This is the only time booking.avialook.aero was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 37.200.71.162 50340 (SELECTEL-MSK)
1 91.194.3.208 51520 (RH)
9 2
Apex Domain
Subdomains		 Transfer
8 avialook.aero
booking.avialook.aero
avialook.aero
371 KB
1 nemo.travel
avialook.nemo.travel
86 KB
9 2
Domain Requested by
7 booking.avialook.aero booking.avialook.aero
1 avialook.nemo.travel avialook.aero
1 avialook.aero booking.avialook.aero
9 3

This site contains no links.

Subject Issuer Validity Valid
*.nemo.travel
AlphaSSL CA - SHA256 - G4		 2023-03-24 -
2024-04-24		 a year crt.sh
avialook.aero
R3		 2023-02-23 -
2023-05-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking.avialook.aero/
Frame ID: A53B26A39D7084D95E318E7BEA64D052
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Поиск авиабилетов

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

9
Requests

22 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

456 kB
Transfer

2069 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
booking.avialook.aero/ 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://booking.avialook.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
8f528919fbe5ad23af4089d95124b230969c2d063ab6b67f258c8707e7040b62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 13:03:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
font-awesome.min.css
booking.avialook.aero/templates/wurst/f2.0/css/font/fontawesome/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://booking.avialook.aero/templates/wurst/f2.0/css/font/fontawesome/css/font-awesome.min.css
Requested by
Host: booking.avialook.aero
URL: https://booking.avialook.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:03:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 10:43:32 GMT
server
nginx
etag
W/"7918-5f9ae185e1d00"
content-type
text/css
style.css
booking.avialook.aero/templates/wurst/f2.0/css/ 		555 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://booking.avialook.aero/templates/wurst/f2.0/css/style.css?version=v1.125.0.4
Requested by
Host: booking.avialook.aero
URL: https://booking.avialook.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
3b17d1581eb24ad16921089f0a7cbb29174d07e72da4e9a82b6cebfba52c627d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:03:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 10:43:32 GMT
server
nginx
etag
W/"8acab-5f9ae185e1d00"
content-type
text/css
require.js
booking.avialook.aero/templates/wurst/f2.0/js/lib/requirejs/v.2.1.15/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking.avialook.aero/templates/wurst/f2.0/js/lib/requirejs/v.2.1.15/require.js
Requested by
Host: booking.avialook.aero
URL: https://booking.avialook.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
adea132a1d1a148c5313a315d4389300981c48df4e3dcd42577e7f30be7d3ab9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 10:43:32 GMT
server
nginx
etag
W/"3b73-5f9ae185e1d00"
content-type
application/javascript; charset=utf-8
nemo-search-ru.js
booking.avialook.aero/templates/wurst/dist/ 		863 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking.avialook.aero/templates/wurst/dist/nemo-search-ru.js?version=v1.125.0.4
Requested by
Host: booking.avialook.aero
URL: https://booking.avialook.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
9b462879c4c763deb5520abc0882ea4fdf39ef76ae44922b3cb170410c3c1d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 10:43:32 GMT
server
nginx
etag
W/"d7ce8-5f9ae185e1d00"
content-type
application/javascript; charset=utf-8
style.css
booking.avialook.aero/templates/avialook_admin/extfiles/ 		0
121 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://booking.avialook.aero/templates/avialook_admin/extfiles/style.css?version=v1.125.0.0
Requested by
Host: booking.avialook.aero
URL: https://booking.avialook.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:44 GMT
last-modified
Wed, 19 Apr 2023 05:13:18 GMT
server
nginx
accept-ranges
bytes
etag
"0-5f9a97b5c7780"
content-length
0
content-type
text/css
nemo.min.css
avialook.aero/assets/front/build/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://avialook.aero/assets/front/build/css/nemo.min.css
Requested by
Host: booking.avialook.aero
URL: https://booking.avialook.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.3.208 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software
nginx /
Resource Hash
552a9717eebd927ecac5c572d270e9fd322a2f99dbf5b1203f4f84995edc23e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 13:08:00 GMT
Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
Last-Modified
Wed, 01 Mar 2023 07:09:26 GMT
Server
nginx
ETag
W/"63fefa26-ab07"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
warn_line.gif
booking.avialook.aero/static/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://booking.avialook.aero/static/images/warn_line.gif
Requested by
Host: booking.avialook.aero
URL: https://booking.avialook.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
d5783e88093f2b0e799ed040726f421bc8907476a3dfd8334a56f7ec9137a48d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:03:44 GMT
last-modified
Wed, 19 Apr 2023 10:43:30 GMT
server
nginx
accept-ranges
bytes
etag
"4df-5f9ae183f9880"
content-length
1247
content-type
image/gif
style.css
avialook.nemo.travel/templates/wurst/f2.0/css/ 		555 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://avialook.nemo.travel/templates/wurst/f2.0/css/style.css
Requested by
Host: avialook.aero
URL: https://avialook.aero/assets/front/build/css/nemo.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sys.nemo.travel
Software
nginx /
Resource Hash
3b17d1581eb24ad16921089f0a7cbb29174d07e72da4e9a82b6cebfba52c627d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://avialook.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 13:03:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 10:43:32 GMT
server
nginx
etag
W/"8acab-5f9ae1865381a"
content-type
text/css

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| requirejs function| require function| define function| initAnalytics function| $ function| jQuery function| numeral string| nemoSourceHost

3 Cookies

Domain/Path Name / Value
booking.avialook.aero/ Name: PHPSESSID
Value: 3a1f982d23af8756c2c17f42fc031266
.avialook.aero/ Name: user_unique_id
Value: 5220288f1565686f7e63f1861bb239e9
booking.avialook.aero/ Name: nemo_currency
Value: RUB