booking.klf.aero Open in urlscan Pro
37.200.71.162  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response booking.klf.aero/	44 KB 12 KB	533ms 86ms	Document text/html	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 29b62351df181fe6959d1de3c606162a53bf5f59fcdcbeac18cdcf12f366544b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Thu, 08 Jun 2023 10:32:48 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx
GET H2	200	font-awesome.min.css booking.klf.aero/templates/wurst/f2.0/css/font/fontawesome/css/	30 KB 8 KB	54ms 54ms	Stylesheet text/css	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/f2.0/css/font/fontawesome/css/font-awesome.min.css Requested by Host: booking.klf.aero URL: https://booking.klf.aero/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag W/"643fc5d4-7918" content-type text/css access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	style.css booking.klf.aero/templates/wurst/f2.0/css/	555 KB 86 KB	56ms 56ms	Stylesheet text/css	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash ffc7af4a2c705cb60da8a47be912eba41f54fa52fb115bd8a7449012f883562c Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 17 May 2023 11:33:18 GMT server nginx etag W/"6464bb7e-8ad26" content-type text/css access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	require.js Show response booking.klf.aero/templates/wurst/f2.0/js/lib/requirejs/v.2.1.15/	15 KB 7 KB	108ms 108ms	Script application/javascript	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/f2.0/js/lib/requirejs/v.2.1.15/require.js Requested by Host: booking.klf.aero URL: https://booking.klf.aero/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash adea132a1d1a148c5313a315d4389300981c48df4e3dcd42577e7f30be7d3ab9 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag W/"643fc5d4-3b73" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	nemo-search-ru.js Show response booking.klf.aero/templates/wurst/dist/	863 KB 258 KB	109ms 108ms	Script application/javascript	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/dist/nemo-search-ru.js?version=v1.126.0.4 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 9b462879c4c763deb5520abc0882ea4fdf39ef76ae44922b3cb170410c3c1d38 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag W/"643fc5d4-d7ce8" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	style.css booking.klf.aero/templates/klfaero/extfiles/	612 B 537 B	108ms 107ms	Stylesheet text/css	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/klfaero/extfiles/style.css?version=v1.126.0.0 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 2a0ed5868b97343c21aee9c5520494a32629d5ef5e10163acf6a6dee6fe512d5 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 19 Apr 2023 05:13:16 GMT server nginx etag W/"643f786c-264" content-type text/css access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	logo.png klf.aero/local/templates/klf2020/img/	6 KB 6 KB	297ms 76ms	Image image/png	178.177.3.21 SONICDUO-AS
General Check archive.org Show headers Download Go to Show image Full URL https://klf.aero/local/templates/klf2020/img/logo.png Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/klfaero/extfiles/style.css?version=v1.126.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.177.3.21 , Russian Federation, ASN25159 (SONICDUO-AS, RU), Reverse DNS clients-21.3.177.178.misp.ru Software nginx / Resource Hash 6206f1d389a596667f53d9afd8a5de74554c99d6f67d33f819b871431ecf0f5e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:37:13 GMT x-content-type-options nosniff last-modified Thu, 16 Jun 2022 15:03:00 GMT server nginx etag "62ab4624-166f" x-frame-options SAMEORIGIN content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 5743 expires Sat, 08 Jul 2023 10:37:13 GMT
GET H2	200	flags.png booking.klf.aero/templates/wurst/f2.0/css/images/	14 KB 14 KB	54ms 54ms	Image image/png	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://booking.klf.aero/templates/wurst/f2.0/css/images/flags.png Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash e998fa2440b0e0028f6869bb868e27387ae87419c31a5b841e4741264013f7b9 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag "643fc5d4-369e" content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 13982 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	jquery.nemoSVARX.js Show response booking.klf.aero/templates/wurst/f2.0/legacyJS/jquery.nemoSVARX/	39 KB 13 KB	54ms 54ms	Script application/javascript	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/f2.0/legacyJS/jquery.nemoSVARX/jquery.nemoSVARX.js?version=v1.126.0.4 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/js/lib/requirejs/v.2.1.15/require.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash a58b84827f5f41e4732c1a21b9f5a1248657887ecc9feaf630a99b35203c19b6 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag W/"643fc5d4-9ad6" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	jquery.nemoSVARX.methods.main.js Show response booking.klf.aero/templates/wurst/f2.0/legacyJS/jquery.nemoSVARX/	3 KB 1 KB	55ms 55ms	Script application/javascript	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/f2.0/legacyJS/jquery.nemoSVARX/jquery.nemoSVARX.methods.main.js?version=v1.126.0.4 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/js/lib/requirejs/v.2.1.15/require.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 2d10130c2d9d31fd1e9fd9bcaf7b3bf61f73356285d62d56718332fe00847ad4 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag W/"643fc5d4-d44" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	jquery.SVARXBinder.js Show response booking.klf.aero/templates/wurst/f2.0/legacyJS/jquery.nemoSVARX/	5 KB 2 KB	56ms 56ms	Script application/javascript	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/f2.0/legacyJS/jquery.nemoSVARX/jquery.SVARXBinder.js?version=v1.126.0.4 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/js/lib/requirejs/v.2.1.15/require.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash ce04430877a89c56b0f8f376a8cf0706110f9a1630a7fe5aad27b03dc46fa9b4 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag W/"643fc5d4-13ee" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	popup-close.svg booking.klf.aero/templates/wurst/f2.0/css/images/ui/	618 B 837 B	56ms 56ms	Image image/svg+xml	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://booking.klf.aero/templates/wurst/f2.0/css/images/ui/popup-close.svg Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 835c0bc04d70b5c08bb443a885374daa01365431a5f403380396178bf4fafe1a Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag "643fc5d4-26a" content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 618 expires Thu, 15 Jun 2023 10:37:13 GMT
GET H2	200	captcha.php Show response booking.klf.aero/	1 KB 1 KB	160ms 160ms	XHR text/html	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/captcha.php?sid=0.6773542090182372 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 43367ee40fd53853bd1655b508ee721c9716b5182dd09c2fe570f4db787445de Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Thu, 08 Jun 2023 10:37:13GMT server nginx content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-transfer-encoding base64 expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	200	SVARXSupport__getSVARXErrors Show response booking.klf.aero/	9 KB 2 KB	110ms 109ms	XHR text/html	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/SVARXSupport__getSVARXErrors Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/dist/nemo-search-ru.js?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 56908afc05709dabbd7eb4cabbb8f7f066cd45f1881724c42295de3155dbfc30 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://booking.klf.aero/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-type text/html; charset=utf-8 pragma no-cache date Thu, 08 Jun 2023 10:32:48 GMT cache-control no-store, no-cache, must-revalidate content-encoding gzip server nginx expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	authorization__get_captcha Show response booking.klf.aero/	69 B 232 B	64ms 63ms	XHR text/html	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/authorization__get_captcha Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/dist/nemo-search-ru.js?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash a3b332079bbde18b8d2d24d1602b463e3c5fb0857f3e3f9f9205c1efad0f12de Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://booking.klf.aero/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-type text/html; charset=utf-8 pragma no-cache date Thu, 08 Jun 2023 10:32:48 GMT cache-control no-store, no-cache, must-revalidate server nginx content-length 69 expires Thu, 19 Nov 1981 08:52:00 GMT
GET DATA	200 OK	truncated /	791 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d391b2a36770bd1c41250e97d1e99a4b79b0754a0fb7e29e66b277dc8309dbfb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	all Show response booking.klf.aero/api/guide/airlines/	679 KB 67 KB	65ms 65ms	XHR text/html	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/api/guide/airlines/all?user_language_get_change=ru Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/dist/nemo-search-ru.js?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash c8b5a92748b82c38332e35b3187cde9d4e21c3c96619d2b8a2e64740d00fc4a7 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip last-modified Thu, 08 Jun 2023 10:37:14 GMT server nginx content-type text/html; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, must-revalidate access-control-allow-credentials true expires
GET H2	200	arrow.svg booking.klf.aero/templates/wurst/f2.0/css/images/	430 B 648 B	54ms 53ms	Image image/svg+xml	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://booking.klf.aero/templates/wurst/f2.0/css/images/arrow.svg Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 13cf5481d2dbec48d80a5887186d81c4e08762266f79dc0c733e7dce2fa4547b Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag "643fc5d4-1ae" content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 430 expires Thu, 15 Jun 2023 10:37:14 GMT
GET H2	200	fsf-sprite.svg booking.klf.aero/templates/wurst/f2.0/css/images/	3 KB 3 KB	54ms 54ms	Image image/svg+xml	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://booking.klf.aero/templates/wurst/f2.0/css/images/fsf-sprite.svg Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 13fa20f915ec57213eaf76c4d1f92e219481ba9e1ac1c10e132eb2b0167c47e9 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag "643fc5d4-c5c" content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 3164 expires Thu, 15 Jun 2023 10:37:14 GMT
GET H2	200	ui-select-arrow.svg booking.klf.aero/templates/wurst/f2.0/css/images/ui/	617 B 836 B	54ms 54ms	Image image/svg+xml	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://booking.klf.aero/templates/wurst/f2.0/css/images/ui/ui-select-arrow.svg Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 8e0ddf0c84bb00769924b4e5318042306af1180c0be510ea8e398c8dfa79acf2 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag "643fc5d4-269" content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 617 expires Thu, 15 Jun 2023 10:37:14 GMT
GET H2	200	checkbox_sprite.svg booking.klf.aero/templates/wurst/f2.0/css/images/ui/	1010 B 1 KB	54ms 54ms	Image image/svg+xml	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://booking.klf.aero/templates/wurst/f2.0/css/images/ui/checkbox_sprite.svg Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 5bbca5a70816eada3f4d0ba242bbae0cf789671903583a0c89e7e17754961172 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/templates/wurst/f2.0/css/style.css?version=v1.126.0.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag "643fc5d4-3f2" content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 1010 expires Thu, 15 Jun 2023 10:37:14 GMT
GET H2	200	fontawesome-webfont.woff2 booking.klf.aero/templates/wurst/f2.0/css/font/fontawesome/fonts/	75 KB 76 KB	54ms 54ms	Font application/octet-stream	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/templates/wurst/f2.0/css/font/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/f2.0/css/font/fontawesome/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://booking.klf.aero/templates/wurst/f2.0/css/font/fontawesome/css/font-awesome.min.css Origin https://booking.klf.aero accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 10:32:48 GMT last-modified Wed, 19 Apr 2023 10:43:32 GMT server nginx etag "643fc5d4-12d68" content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 77160 expires Thu, 15 Jun 2023 10:37:14 GMT
GET H2	200	history Show response booking.klf.aero/api/flights/search/	857 B 591 B	58ms 58ms	XHR text/html	37.200.71.162 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://booking.klf.aero/api/flights/search/history?user_language_get_change=ru Requested by Host: booking.klf.aero URL: https://booking.klf.aero/templates/wurst/dist/nemo-search-ru.js?version=v1.126.0.4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.200.71.162 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sys.nemo.travel Software nginx / Resource Hash 78d760fb1504f3ee6768a0e8532ae9d5cd6f8707e2653b1e8ee3754313a85835 Request headers accept-language de-DE,de;q=0.9 Referer https://booking.klf.aero/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers pragma no-cache date Thu, 08 Jun 2023 10:32:48 GMT content-encoding gzip server nginx content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true expires Thu, 19 Nov 1981 08:52:00 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| requirejs function| require function| define function| initAnalytics function| $ function| jQuery function| numeral string| nemoSourceHost

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			booking.klf.aero/	1969-12-31 23:59:59	Name: PHPSESSID Value: deec88cce32481b53cfeb31db5ec2b40
			.klf.aero/	1970-01-20 16:02:40	Name: user_unique_id Value: e90eb015a1c8956e96f7ad5a17debf96
			booking.klf.aero/	1970-01-20 21:59:40	Name: ccCurrency Value: RUB
			booking.klf.aero/	1969-12-31 23:59:59	Name: nemo_currency Value: RUB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.klf.aero
klf.aero
178.177.3.21
37.200.71.162
13cf5481d2dbec48d80a5887186d81c4e08762266f79dc0c733e7dce2fa4547b
13fa20f915ec57213eaf76c4d1f92e219481ba9e1ac1c10e132eb2b0167c47e9
29b62351df181fe6959d1de3c606162a53bf5f59fcdcbeac18cdcf12f366544b
2a0ed5868b97343c21aee9c5520494a32629d5ef5e10163acf6a6dee6fe512d5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d10130c2d9d31fd1e9fd9bcaf7b3bf61f73356285d62d56718332fe00847ad4
43367ee40fd53853bd1655b508ee721c9716b5182dd09c2fe570f4db787445de
56908afc05709dabbd7eb4cabbb8f7f066cd45f1881724c42295de3155dbfc30
5bbca5a70816eada3f4d0ba242bbae0cf789671903583a0c89e7e17754961172
6206f1d389a596667f53d9afd8a5de74554c99d6f67d33f819b871431ecf0f5e
78d760fb1504f3ee6768a0e8532ae9d5cd6f8707e2653b1e8ee3754313a85835
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
835c0bc04d70b5c08bb443a885374daa01365431a5f403380396178bf4fafe1a
8e0ddf0c84bb00769924b4e5318042306af1180c0be510ea8e398c8dfa79acf2
9b462879c4c763deb5520abc0882ea4fdf39ef76ae44922b3cb170410c3c1d38
a3b332079bbde18b8d2d24d1602b463e3c5fb0857f3e3f9f9205c1efad0f12de
a58b84827f5f41e4732c1a21b9f5a1248657887ecc9feaf630a99b35203c19b6
adea132a1d1a148c5313a315d4389300981c48df4e3dcd42577e7f30be7d3ab9
c8b5a92748b82c38332e35b3187cde9d4e21c3c96619d2b8a2e64740d00fc4a7
ce04430877a89c56b0f8f376a8cf0706110f9a1630a7fe5aad27b03dc46fa9b4
d391b2a36770bd1c41250e97d1e99a4b79b0754a0fb7e29e66b277dc8309dbfb
e998fa2440b0e0028f6869bb868e27387ae87419c31a5b841e4741264013f7b9
ffc7af4a2c705cb60da8a47be912eba41f54fa52fb115bd8a7449012f883562c