urlscan.io logo urlscan.io
SecurityTrails logo

region24.aero Open in urlscan Pro
91.230.211.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://04kja.ru/
Effective URL: https://region24.aero/
Submission: On June 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 91.230.211.80, located in Russian Federation and belongs to RU-OPTIBIT, RU. The main domain is region24.aero.
TLS certificate: Issued by R11 on June 12th 2024. Valid for: 3 months.
This is the only time region24.aero was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.230.211.24 8496 (RU-OPTIBIT)
1 13 91.230.211.80 8496 (RU-OPTIBIT)
1 2a00:1450:400... 15169 (GOOGLE)
2 109.71.9.232 50340 (SELECTEL-MSK)
2 2a00:1450:400... 15169 (GOOGLE)
17 5
1    91.230.211.24 (Russian Federation)

ASN8496 (RU-OPTIBIT, RU)
PTR: 04kja.ru
04kja.ru
13    91.230.211.80 (Russian Federation)

ASN8496 (RU-OPTIBIT, RU)
PTR: region24.aero
www.region24.aero
region24.aero
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    109.71.9.232 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
cdn.nemo.travel
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 region24.aero
www.region24.aero
region24.aero
794 KB
2 gstatic.com
fonts.gstatic.com
74 KB
2 nemo.travel
cdn.nemo.travel
602 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
1 04kja.ru
04kja.ru
310 B
17 5
Domain Requested by
12 region24.aero region24.aero
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.nemo.travel region24.aero
1 fonts.googleapis.com region24.aero
1 www.region24.aero 1 redirects
1 04kja.ru 1 redirects
17 6

This site contains no links.

Subject Issuer Validity Valid
region24.aero
R11		 2024-06-12 -
2024-09-10		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.nemo.travel
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-04-18 -
2025-05-20		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://region24.aero/
Frame ID: F3F56F12F9F38A6E2FBFFDBB9369F8E1
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://04kja.ru/ HTTP 301
    https://www.region24.aero/ HTTP 301
    https://region24.aero/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

1481 kB
Transfer

1494 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://04kja.ru/ HTTP 301
    https://www.region24.aero/ HTTP 301
    https://region24.aero/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
region24.aero/
Redirect Chain
  • https://04kja.ru/
  • https://www.region24.aero/
  • https://region24.aero/
155 KB
155 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash
5b46f353c69332352a5ad9cdfe69a7b51fe53a6581f78ef485c24733d58e6e35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Jun 2024 05:28:26 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Host
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
Keep-Alive
Content-Length
230
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 17 Jun 2024 05:28:26 GMT
Keep-Alive
timeout=5, max=100
Location
https://region24.aero/
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
default.css
region24.aero/assets/components/ajaxform/css/ 		669 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://region24.aero/assets/components/ajaxform/css/default.css
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
075885a2229f279784ac42352acc0aa1c0507d0915d55512c69dd569c4444d74
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 May 2022 15:33:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"29d-5dfaf909c8180"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
669
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&subset=cyrillic
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4173621840a23b939c95ef40c488c66285c01d60cf68de4badf91d73f1b87cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jun 2024 05:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 05:28:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jun 2024 05:28:27 GMT
flights.search.widget.min.css
cdn.nemo.travel/search-form/v2.5.22/ 		96 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.nemo.travel/search-form/v2.5.22/flights.search.widget.min.css
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.71.9.232 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
362f4e9e1dcbd39d5809c454688c57898ca2a528e0c9acfa7f2f2e016dace19d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:28:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 17 Sep 2018 17:55:00 GMT
server
nginx/1.22.0
etag
"5b9fea74-17f3e"
content-type
text/css
accept-ranges
bytes
content-length
98110
x-xss-protection
1; mode=block
flights.search.widget.min.js
cdn.nemo.travel/search-form/v2.5.22/ 		505 KB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nemo.travel/search-form/v2.5.22/flights.search.widget.min.js
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.71.9.232 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
3909dbcd7c97a83bb318b4e4c15208b3d605c0d53d04473d5d275cf6a7959967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:28:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 17 Sep 2018 17:55:00 GMT
server
nginx/1.22.0
etag
"5b9fea74-7e27d"
content-type
application/javascript
accept-ranges
bytes
content-length
516733
x-xss-protection
1; mode=block
mir-svgrepo-com%20(2).svg
region24.aero/app/img/header/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region24.aero/app/img/header/mir-svgrepo-com%20(2).svg
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
9acfbd380bdf474c92db3f24459e7e3c8b8a5710034c410519b48e83d6c16b1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Mar 2023 13:04:32 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"791-5f831d9a35800"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1937
icon-viber.png
region24.aero/app/img/header/ 		984 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region24.aero/app/img/header/icon-viber.png
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
38e5d5cc2a5f0ca291b2c1f84bcc59951c21f701da1af0f9e4a61c49c5c82852
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Feb 2022 20:39:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"3d8-5d7373e4d9c00"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
984
icon-whatsapp.png
region24.aero/app/img/header/ 		674 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region24.aero/app/img/header/icon-whatsapp.png
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
be5f90642128ef2d3e02f77aa2ddd15afc2579668f81729faf1ac301c68a793d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Feb 2022 20:39:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"2a2-5d7373e4d9c00"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
674
1.png
region24.aero/app/img/start-page/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region24.aero/app/img/start-page/1.png
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
783df1892832c8cc899776150218a87302dae5ea051a7fa1aae81d35ea754422
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Feb 2022 20:39:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"24f92-5d7373e4d9c00"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
151442
2.png
region24.aero/app/img/start-page/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region24.aero/app/img/start-page/2.png
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6f2fbb489aac2b3992a0d5e124ce8408709508105adf3295ea1a4e569e5dc65e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Feb 2022 20:39:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"25769-5d7373e4d9c00"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
153449
3.png
region24.aero/app/img/start-page/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region24.aero/app/img/start-page/3.png
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
725c4d188b50b2926c823dd5e26bccdde532fd9b1c4ff15ae957e532db530b13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Feb 2022 20:39:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"25858-5d7373e4d9c00"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
153688
4.png
region24.aero/app/img/start-page/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region24.aero/app/img/start-page/4.png
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
c1bb7821ee1e75d45bfc3846229c3e33ebdbfd64165e2dcbcf8aee063d00b252
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Feb 2022 20:39:14 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"2aa37-5d7373e6c2080"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
174647
default.js
region24.aero/assets/components/ajaxform/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://region24.aero/assets/components/ajaxform/js/default.js
Requested by
Host: region24.aero
URL: https://region24.aero/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
cf89e62c950950fef31ffc63bce7a3bad13f5ad2f25aa949a93b73b63dd8f231
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 May 2022 15:33:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"186d-5dfaf909c8180"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6253
jquery.jgrowl.min.css
region24.aero/assets/components/ajaxform/css/lib/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://region24.aero/assets/components/ajaxform/css/lib/jquery.jgrowl.min.css
Requested by
Host: region24.aero
URL: https://region24.aero/assets/components/ajaxform/css/default.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/assets/components/ajaxform/css/default.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 May 2022 15:33:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"6af-5dfaf909c8180"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1711
truncated
/ 		767 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf0238a96c069719b2dd26953e20d5f61688d41e58ef04c99e99f08dc05e1445

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://region24.aero
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 11:06:15 GMT
x-content-type-options
nosniff
age
325332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26736
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 11:06:15 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aefc29e5e8fd2cd6601112e0c7be778fc5331c4f74f42bb14323194e2fc72af6

Request headers

Referer
Origin
https://region24.aero
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://region24.aero
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:47:08 GMT
x-content-type-options
nosniff
age
297679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:47:08 GMT
icon.png
region24.aero/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://region24.aero/icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.230.211.80 , Russian Federation, ASN8496 (RU-OPTIBIT, RU),
Reverse DNS
region24.aero
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
2272e1147124e1a6a8364596e346b378a71f39c760571f021e6cea45ce5090eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://region24.aero/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 05:28:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Dec 2023 15:38:01 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"c77-60c7a11984840"
X-Frame-Options
SAMEORIGIN
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3191

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| setImmediate function| clearImmediate object| __core-js_shared__ object| FlightsSearchWidget string| today string| dd string| mm number| yyyy string| dd2 string| tomorrow object| AjaxForm

1 Cookies

Domain/Path Name / Value
region24.aero/ Name: PHPSESSID
Value: 46ah227jd5nqr0lh526mv8qvta

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04kja.ru
cdn.nemo.travel
fonts.googleapis.com
fonts.gstatic.com
region24.aero
www.region24.aero
109.71.9.232
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
91.230.211.24
91.230.211.80
075885a2229f279784ac42352acc0aa1c0507d0915d55512c69dd569c4444d74
2272e1147124e1a6a8364596e346b378a71f39c760571f021e6cea45ce5090eb
362f4e9e1dcbd39d5809c454688c57898ca2a528e0c9acfa7f2f2e016dace19d
38e5d5cc2a5f0ca291b2c1f84bcc59951c21f701da1af0f9e4a61c49c5c82852
3909dbcd7c97a83bb318b4e4c15208b3d605c0d53d04473d5d275cf6a7959967
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4173621840a23b939c95ef40c488c66285c01d60cf68de4badf91d73f1b87cbd
5b46f353c69332352a5ad9cdfe69a7b51fe53a6581f78ef485c24733d58e6e35
6f2fbb489aac2b3992a0d5e124ce8408709508105adf3295ea1a4e569e5dc65e
725c4d188b50b2926c823dd5e26bccdde532fd9b1c4ff15ae957e532db530b13
783df1892832c8cc899776150218a87302dae5ea051a7fa1aae81d35ea754422
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
9acfbd380bdf474c92db3f24459e7e3c8b8a5710034c410519b48e83d6c16b1b
ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687
aefc29e5e8fd2cd6601112e0c7be778fc5331c4f74f42bb14323194e2fc72af6
be5f90642128ef2d3e02f77aa2ddd15afc2579668f81729faf1ac301c68a793d
bf0238a96c069719b2dd26953e20d5f61688d41e58ef04c99e99f08dc05e1445
c1bb7821ee1e75d45bfc3846229c3e33ebdbfd64165e2dcbcf8aee063d00b252
cf89e62c950950fef31ffc63bce7a3bad13f5ad2f25aa949a93b73b63dd8f231