mkb.level.travel Open in urlscan Pro
178.154.205.88 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mkb.level.travel/
Submission: On February 19 via api (February 19th 2023, 11:15:24 am UTC) from RU — Scanned from DE

Summary HTTP 113 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 18 domains to perform 113 HTTP transactions. The main IP is 178.154.205.88, located in Russian Federation and belongs to YANDEXCLOUD, RU. The main domain is mkb.level.travel.
TLS certificate: Issued by R3 on December 6th 2022. Valid for: 3 months.

This is the only time mkb.level.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	178.154.205.88 178.154.205.88	200350 (YANDEXCLOUD) (YANDEXCLOUD)
51	2a13:1ec0:100... 2a13:1ec0:1000::1073	201589 (EDGEAMLLC) (EDGEAMLLC)
1 9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	52.17.120.67 52.17.120.67	16509 (AMAZON-02) (AMAZON-02)
4	84.252.130.113 84.252.130.113	200350 (YANDEXCLOUD) (YANDEXCLOUD)
5 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
1	35.186.228.179 35.186.228.179	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 2	34.117.176.229 34.117.176.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	188.72.109.103 188.72.109.103	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.218.121.66 52.218.121.66	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
113	21

21 178.154.205.88 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

mkb.level.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.level.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
conversion.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a13:1ec0:1000::1073 (Armenia)

ASN201589 (EDGEAMLLC, AM)

cdn.yc.level.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.yc.level.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.17.120.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-120-67.eu-west-1.compute.amazonaws.com

api.flocktory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.252.130.113 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

api.mindbox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.228.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.228.186.35.bc.googleusercontent.com

google-analytics.bi.owox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.176.229 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.176.117.34.bc.googleusercontent.com

wf.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.109.103 (Sucre, Bolivia, Plurinational State Of) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

tag.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o180558.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.121.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

lt-assets.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	level.travel mkb.level.travel cdn.yc.level.travel api.level.travel s3.yc.level.travel	4 MB
9	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 7197	187 KB
8	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9388	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 ssl.google-analytics.com — Cisco Umbrella Rank: 362	103 KB
5	yandex.ru 2 redirects yandex.ru — Cisco Umbrella Rank: 1724 mc.yandex.ru — Cisco Umbrella Rank: 3701 an.yandex.ru — Cisco Umbrella Rank: 3718	156 KB
4	mindbox.ru api.mindbox.ru — Cisco Umbrella Rank: 38869	22 KB
4	flocktory.com api.flocktory.com — Cisco Umbrella Rank: 78446	98 KB
3	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10359 ad.mail.ru — Cisco Umbrella Rank: 9987	2 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	17 KB
2	conversion.cx conversion.cx	659 B
2	weborama.fr 1 redirects wf.frontend.weborama.fr — Cisco Umbrella Rank: 64973	654 B
1	amazonaws.com lt-assets.s3-eu-west-1.amazonaws.com	37 KB
1	sentry.io o180558.ingest.sentry.io	278 B
1	rutarget.ru 1 redirects tag.rutarget.ru — Cisco Umbrella Rank: 89610	598 B
1	google.de www.google.de — Cisco Umbrella Rank: 6232	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	owox.com google-analytics.bi.owox.com — Cisco Umbrella Rank: 68389	14 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	81 KB
113	18

	Domain	Requested by
50	cdn.yc.level.travel	mkb.level.travel cdn.yc.level.travel
11	api.level.travel	cdn.yc.level.travel
9	yastatic.net	1 redirects yastatic.net
8	mc.yandex.com	3 redirects mkb.level.travel cdn.yc.level.travel
8	mkb.level.travel	mkb.level.travel cdn.yc.level.travel
4	api.mindbox.ru	www.googletagmanager.com api.mindbox.ru
4	api.flocktory.com	www.googletagmanager.com api.flocktory.com mkb.level.travel
4	www.google-analytics.com	www.googletagmanager.com mkb.level.travel cdn.yc.level.travel
3	mc.yandex.ru	2 redirects mkb.level.travel
3	stats.g.doubleclick.net	mkb.level.travel www.google-analytics.com
2	conversion.cx	cdn.yc.level.travel
2	wf.frontend.weborama.fr	1 redirects api.flocktory.com
2	top-fwz1.mail.ru	1 redirects api.flocktory.com
1	an.yandex.ru	yastatic.net
1	lt-assets.s3-eu-west-1.amazonaws.com	mkb.level.travel
1	s3.yc.level.travel	mkb.level.travel
1	o180558.ingest.sentry.io	cdn.yc.level.travel
1	ad.mail.ru	api.flocktory.com
1	tag.rutarget.ru	1 redirects
1	www.google.de	mkb.level.travel
1	www.google.com	mkb.level.travel
1	google-analytics.bi.owox.com	mkb.level.travel
1	ssl.google-analytics.com	mkb.level.travel
1	www.googletagmanager.com	mkb.level.travel
1	yandex.ru	mkb.level.travel
113	25

This site contains links to these domains. Also see Links.

Domain
telegram.me
vk.com
wa.clck.bar

Subject Issuer	Validity	Valid
level.travel R3	`2022-12-06` - `2023-03-06`	3 months	crt.sh
cdn.yc.level.travel R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.flocktory.com Go Daddy Secure Certificate Authority - G2	`2022-06-09` - `2023-07-11`	a year	crt.sh
*.mindbox.ru Go Daddy Secure Certificate Authority - G2	`2022-03-16` - `2023-04-17`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
google-analytics.bi.owox.com GTS CA 1D4	`2023-02-03` - `2023-05-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2	`2022-02-22` - `2023-03-26`	a year	crt.sh
*.ingest.sentry.io R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
s3.yc.level.travel R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-30`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
conversion.cx R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://mkb.level.travel/
Frame ID: B5025BF88E69E0E5EDF3E75AD32EA9FD
Requests: 106 HTTP requests in this frame

Frame: https://api.flocktory.com/v2/provider/provider.html
Frame ID: 1A97DA78D4569C526619278419989449
Requests: 1 HTTP requests in this frame

Frame: https://top-fwz1.mail.ru/counter2?id=2951107;pid=bdc24c89-8faa-45fc-9590ddf3aa794110
Frame ID: FA593CCF86F71641F1DE076DE2A655C3
Requests: 1 HTTP requests in this frame

Frame: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22bdc24c89-8faa-45fc-9590ddf3aa794110%22%7D&d.r=1676805313035&bounce=1&random=3744767948
Frame ID: A7BB3783EC10ADCBB0D036647C9F27D4
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/cm.gif?p=34&id=-DnfoWdXqNLL
Frame ID: AE5DB31238D1DD0CC431554E5FC3A42E
Requests: 1 HTTP requests in this frame

Frame: https://an.yandex.ru/adfox/262376/getBulk/v2?dl=https%3A%2F%2Fmkb.level.travel%2F&date=2023-02-19T11%3A15%3A19.687%2B00%3A00&pd=19&pdh=1200&pdw=1600&pr1=1318328337&pr=3095909412&prr=&pv=11&pw=0&extid_loader=MTY3NjgwNTMxMzg0MDM3NTc3Mw%3D%3D&extid_tag_loader=mkb.level.travel&ylv=0.724193&ybv=0.724193&ytt=123696669917189&is-turbo=0&skip-token=&ad-session-id=2303271676805319690&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=724193&p1=cqjqx&p2=hhzi&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&duid=MTY3NjgwNTMxMzg0MDM3NTc3Mw%3D%3D&pcode-test-ids=657519%2C0%2C46%3B711825%2C0%2C43%3B706837%2C0%2C97%3B719186%2C0%2C10%3B719404%2C0%2C36%3B720454%2C0%2C98%3B720948%2C0%2C49%3B720934%2C0%2C56%3B716708%2C0%2C76%3B717057%2C0%2C54%3B717741%2C0%2C34%3B672078%2C0%2C33%3B720773%2C0%2C19%3B724193%2C0%2C52%3B681848%2C0%2C74&pcode-flags-map=eJytWG1v2zYQ%2FiuDPw%2BZ3l%2F6jZIom7AkaiTl1C0Kwk3dxENehtTpuhb97zuKsi3JDp1sAwokcX0Pj3fP3T3HHxMyrSjDsiSc40xmSCBZI4ZKLnPK5IJkmEpSyZSWCZ28ef9j8nV1%2B7SevJmsv%2F05%2BXWyXX%2FZkk%2Fwpx9bnu9Pfn74dbJAXDL8e4O5kIsS1TJntJQo4wN7wRrcBwjs0ImsFgBXKCnw6HD4JScVERj8S%2Bd8RoW8JGJGGyER%2BC64ybvA94PIfTX4%2F4GMikLWjGZNKvjxMa%2BDxgD5yrz0QFRe4MxLSIUsUIKLFgpAElRVmJmzE7iuF%2FZ9qfCl5HOwhn8KkKIMM1kXaDmCGjsU%2BU4c7x0iVY2mWHJB0vlSZoQr8KyNWqJSm%2BX0LXzMcCokx0UxgMZv6yF0aDsH6IYPvaxQVTfmW8Z2aHl7AJSpQC0VxVIKmZtKQTWjO3obwUIr9KLwAFYUEHpaFUtZN0lBUolq0mYAoscFFKEZzbYt3%2B7VV0kXWNICbMk7vK9ZVWkv99B2I88acmNPVVoBKITwDELsueERRfcgBYEeAKEf1wQrTRQBVN%2FVvaQjBNg1lYBLdUwgFaprs2eO5XnO4W5C1yZmnNBqYBk6nh05Q1svDDWPmop0zG4zVQ4O3T4%2BrXtmnhO5sQ6noh7nbXGNbMZ37RkpHmBcSZpwzBbjKrpffbxdDyzdwIl17HPyFjp4JWeYTGdCVsJ8pOe7sabSElUZfitZIzNaIlIZO7wVOm6wPy9hdA7OwllyykhmtLRDPwpOHqgqXjCSGM0d2wp0Vb7DlSPzBprDJcmgP5MSmofR1rO9bqq0tjs%2BJZSppDKUkYb%2F8kKEJVJ%2Ba4ehni%2FR0jgafCiNLs5ZriqS17QCYghSYugpA1PHsqyhrWe5%2Bs51SjNVAGBaGeeF7%2FkA01FJtU2GFXd350nVLY3mwHrn2JzkqkNdqiICdv4bhJ0DC1Q0g2y51mnrAiNWyVIJkwViBI3uPShW37esLso1I5QRsZTJEjoOvqwpMwcsCIOu9na86PpLyo0zzIc5EfUYSbhMEWOgGlCaQpa4oUv4sevb9sC2ZTHfy5ka5g6ppmYQz%2B86d9sZgcpiWWPpmr2GeeT30lOyFOLESUIKiJr5uDgMnrVUsyKFiTY%2Fc%2FoOo2wKQbTokNBgcwIDn6hL5Cg1V3McOWHY86MD0eMFhjOQTSmQBNSVqhjBaFGckSOW47madVOGEsf8XaCodfhuO3r7Br7tWKbvn6h823%2FGYkeOGW7HD4w%2BzEGsG%2F2zfSfQ1kr3MJxDz5mBNJuS1GwXuV2DbXUOK1UFMVzt5l7NcGJu8QH0aMcelBLMQAa8hrGdzjDkQ7VtnjI14Tg3dqLAjm3PG4DNiGg96YFAPOaCmoHc0HEGCjqtS1mCikASQJAgi3ZOmzFid7iXpHX6nzFGgijDOYKieOV%2B4PlWEAzCxEvEhATl12AFfi7OfhAEh51NzBgIwJFnGNoaUwVOKmjfBCRKccar0A67gkqViqdVRySUqzZFchCqWK8LZkaFURzEezWVMwIwIJ61vRJWtflyQ%2FtkflStRxZB7Ha061m8dhEOwtizwj0KjLJMIRgFbxBEXmCPT9YkM5%2FlOJaOda8wlBx7UXVEgWe7u7IHVQOSHa4KpJGuY2mZ1bZ1rZiOl8QjvDByj28hpuY7QJqig9Wha3NZw0SA4QjbxAKX47E6%2BfxFbh%2Berm5GC5wVOeM1VXfOE3nslvwzyYmdoCteXV6wT9ZSsHbGnJt6QQwLUrdiDY%2FOC6p3P%2B3oGZCoK6nnQFqmDsOz%2BSbvVt%2FkzXpzfbN9Bq7do%2BQcJyiRIOqNS5kF6mFQ17o1XM6Acj32VXS3LTcws9olHiQVhi5pLPfQtrxOnDAm9fgSDahA3TbaQLcdqpnOzi7Knq77Ar1btp1Gthq6b%2FZj8nm9vbopV4%2FXm%2FtuCt89fNzcrvnV6nZzfz154%2FwcoPogPXok0D0WJLVMCsUEten2D3g%2FuVttbi8en8C3v1f3n9bf4PffNner6%2FWXwUfXq7v2k0%2Ff1%2Ff666uvm%2B2D%2FvXuovfHp%2FtN96lC3iPAB4%2Br77cP32%2B6%2F%2F7%2BqH8%2BPa4u7td%2FfTn6wh%2Brh7tNa%2Frh9BX75XtIrTl9wY7nA2PFT3Qm8WCp638G5B5uZoe3A1CaRUIRG2CNZCp0Q9%2F2x%2B0QNSAM04KOnjJono92frc3C9uRQxgX3bzp3ml2A3%2BAlKOCjykYOXsug3haKBWkVf1OVhWkAj4jUijlS2HNGb3VdH1wWIFB1D229Pu1Gton1eHHp%2B324X70sGJ3i7iYUrWzULhooV5%2BmBIfGUkRQBq3WvXk072R7XMiIQRFK7pbDY7qVhRZnh0ZkRwLtpij%2B6SUKw0PvbnIEugxBJv9cSzYa16CIhNRndwnM6wSwV%2BBukQSusAcG5WQwnCfv98e47V%2BuUNpnPMTY%2BhqezsqstDS1%2BFw4E5utk%2BvVVMmo8F%2BZB1a%2FjHx2rW1e37sNm8zccLQs00o6glL7eyjFzrrIjoNM9gBu4dkIOBrN0CIaRg9Czh67jbFqYekRJR%2BxZMCl%2BCRwMYIg2HoHp57xq9%2F6o0ydkf9Sn3y88PPfwAlIZIt&use-server-side-rendering=1&pcode-icookie=fJgbwzsJs91HlB4XuLEvLtoDm91ILvs3cw%2F%2F804Egnaq97o9Lh1PXRaWXmOdWluTjoEtKhLBInSPS5mtQ6EiPu%2BSK9g%3D&top-ancestor=https%3A%2F%2Fmkb.level.travel&top-ancestor-undetermined=0&grab-orig-len=2944&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo3OH0KEqWkjCQ56oEQUCcerAT_7B-6W5inmR0r5tiOwzGnktmBPn8bdXv7_ef_6zbIoB3b4lhS7EjQMVqWWSwWtK2laTlPm7aAng5whTHRv_3b365v04btwLfbiTAmwgcJxOjjL0SxyFaOliouH3z78PcEaeL7iCbRxJ-kAyyY0PeE7SOexJNkBj7CSeDDO15QJ3sSTKLd7gmw7wmuZ89gT1jfhP-swQAjHZ3BJN4-Qh9B592DgfCZoU8CIMuFoSCXyYWrFMvkYRHmS4Yeucp1PW-5rmcqTcWcLcnLKAKCnpe3AnKpXiYXF2Qup6AsskpY8J5L9zx2xohM1EZhGi9LtqNhxa20zLIHL8WUKZfV2RltbdurX9ykzMRLvPXWNFa8uEySFVsxSkVtIShFy4otiVNB-syJbAL_t8PwEUxo3kn_Gt7AevwJa0-8fxLhJPZBf0BED5K0X_WPgSbXJYP-w3_C7wTj3rqe_fh45bB8QD9IvH8iuC_w7ovB4MBzoudE_Fzszz-g2z_-hDnxGdfv8nnbn-yRdj_N_IdKkmbhysJWKvJu8wDyf255weR2K1GOSvBWxoe4DJcojTlV5YJEXgpWG0namjIXSlWteosgRokUKaVeNkH8dPE-N9BHXv87wSGoPUvdEYmJxP2hLmYGAzOJoBqRhyvQHnsBc1gAFUkGxYf_5JLQka47HLVz0cfeKmOJ0AvhqqPawl9v3eDG7c4Wb_NyW3cethcJraQQlfEKw9XeZp_bjUPG1Ur5YZhmbgnqgVpVqMtoIYvTJEIacvKBINpco-YVbbPd7sEshoifScIizcq8czi7_l1wAYtKiGJL-UkKIST7mUUR4MGHBNwtokjALrJ_EbgLUx-eXNdTd-IyemUKwkX8B0Dg-AnpOIGKkyyqUuoSjHzxIJR0GniNRhpStvVGjQQcESq9DDkqcFycsCPimDplGgscWE4H0Ilh4hWFRVYeArdJISH_VVdJXkqWMM2H14mitlavXMvltk6OR27Y79ZIJnvfvB5hvch4f_buEH53dJBaz8tqTLjmRpXy4yIKI2QjxU-IPEwT91wUpXTlI4qLKCJTUDyeijJyZOTg62Xa_R4Gxvmod_mEPjwfvsHE6e5Myjjkxwt7h8L5vM8tkHyib6EJ_1mE509outdySlSR5ZCUXBGloGQNye1lYKidDP0yZPEbtpjDXIrXptkUfCQZqmxToIYg4aLcRRxmKQS7T4kV43ypoAiZRbVGHVNolU-ypMyRQAQ4z9afoQucS-pI1seE0_XmVjMlW3FecvRWRb1JJo_WCCU7xR79jK6xIFttkVGm5jytNE8l5Dt_HxI9Ib-2OGpdzd2qvniCt_AdFacN-2QGr6WKy6x1kdFKTabvNGXJL76fLXodVna27rTr1-YV-1TrYdhIu42B8YA_MmDOyfqAlOtG-attEwZT6f4dbVyT-RCTxEVyx-i_iOi9-5ucSQikEoieVjwI3T5Y7_xIP-LZH2agdc4JoNNw2wlyV5p9BPuy3T2NWqPYaBr11n0q78LQehmaDhwrD9cq04MB-oGE-FVR4gkd_c89XwSL8eW63rW2wcCX3ZvZ9qMBeOhAsbs1pqMG6dSFR2yMuPkzh_M6MILPO_AB5ThZpdoqNBj4Mu6RSzrsH-EICQx4GOAfPcG3fPKOh5XqrWyUGPmw1vRhuI-O7k_DHjBa7Gt3BuwHrVJNjQ5bvqsvwesMGBwQbK-R4OFhoPrFeAdfAvzh_qcZHOyF895fsoYaCl8yyZDvQ9E2tlFsZd1A-YYE7qkjj7yIMODjzxu4BxF4PpHE8a9Cs5u3qLgejNOpXeESpuGrXoVk0axzRfys5ZVk34Qxete5AfaE9vC_D09H0iWWA4bXFXpiG_M9HOiwBWCeJrUPpmtrtVutpXMdvYUVPW6L4hs05j12y3496mYrtGrzFhB-msB6jZ89Gq15I-Pkr0Gp2WpVbd5gU3MuKq-aWrE1GiWmr3igdAEw7SNmonnVGLHeAeN2Ez7xl114dXH6WHRiJSIaDP_DNMZDwtOV_61UqLZCocLxLno6BOMxvTVnNWQU24HeJqVYXGQiqw7Ttxz0Vw7fx9g_WKuDC7pDQT5hy0mdLjTBvCc_NLtXZQYjc49WlI5Hj04AewXvAolca3Q0ku5zh_8BGENPJPZsPf5jLEuw4pQ3e7w423v38YxBOkezTDmJmDLlyL10guLKoIcLcIino5UvSSiTp2PrMqahP73T4_uEvFbzdJLzQCtc3F9O1x4Z8xuJe6vU2APDFgv_5b8WsP71CnUW1CpxopZpCXGktK4xjU61ATpxFDE6CWaKi_lZGHOqrBR8vDgcCI0JmVPstM5Ypdhpg7FK8TDLWERch_HFJrWCNF5VES4BK1gBMeDJYHb_jOh9NeLu6rGDU33pcIbbButpJPIcavfZttliYwhdF9Ttbs4GBETiDinTXkJraiwo2WEZtlFenMDNfXy4KVPCrWliOvFKuqKwGpoji0rXhbBfn-6XM0py6KBDe8JM7VY0jdW_LIjeXfei3lpc-waUeptzjMKTgYgrwVsT4ecGELs2pG1eXZ0w0dIioJDJS9OTBvGt-CRE2obxupK2wtpYodZYocZYodpYocpYIbWxQqWxQgVdodm8nbE-aK-8NbqaXxdRnkpgtkmak22MjbwxNvLG2MgbYyNvjI28MTbyxtjIG4WxQjQGC2tjTrs2Nuja2KBrY4OujQ26Njbo2tiga2ODro0NujY2aMhGGGhohGktNDZojbFBa2pMM25wB3AxiXHWNSEbNsiGDbJhw4JhoxlIw5gPwBJo0wk3txTolVmZc97ZRzbRXFJwVx7pzWSn_KwgW3FU5lWSJvxEj_1u3QGP54CJfMCOAcA%3D&tga-with-creatives=1
Frame ID: 5FA2922A732E80FEEC7153FADB9B7E22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Level.Travel х Московский Кредитный Банк - Поиск и бронирование туров онлайн

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

113
Requests

96 %
HTTPS

57 %
IPv6

18
Domains

25
Subdomains

21
IPs

7
Countries

4411 kB
Transfer

12066 kB
Size

36
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.me/LevelTravelChatBot
Title: Telegram

Search URL Search Domain Scan URL

URL: https://vk.com/im?sel=-29855322
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://wa.clck.bar/79150424411
Title: Whatsapp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 71

https://top-fwz1.mail.ru/counter?id=2951107;pid=bdc24c89-8faa-45fc-9590ddf3aa794110 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2951107;pid=bdc24c89-8faa-45fc-9590ddf3aa794110

Request Chain 72

https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22bdc24c89-8faa-45fc-9590ddf3aa794110%22%7D&d.r=1676805313035 HTTP 307
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22bdc24c89-8faa-45fc-9590ddf3aa794110%22%7D&d.r=1676805313035&bounce=1&random=3744767948

Request Chain 73

https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=bdc24c89-8faa-45fc-9590ddf3aa794110 HTTP 302
https://ad.mail.ru/cm.gif?p=34&id=-DnfoWdXqNLL

Request Chain 74

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9919.Dv-6C1SV--HHn9TQl4FfRz9b95_CwfyTAClsqgTKpMazSzUdA9l8g1Lfxchx2r2l.u2oB3O4aPBLSGBHA0uLLshSJxSQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9919.5V8jzh00ne3xb4Jnch2oZtIsqJ60DMh2c8VwhQVIL4fBVE1Dtv-6ZwUz-w1QhAgDecpQ3SUvAcFg5iIh4Ho-s1M4ka5DMXAJPF_jqsH8B2I%2C.6C5zghnduezo3QjTICUbKMsIYJ8%2C

Request Chain 76

https://mc.yandex.com/watch/18706828?wmode=7&page-url=https%3A%2F%2Fmkb.level.travel%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A699289518221%3Ahid%3A446119328%3Az%3A0%3Ai%3A20230219111513%3Aet%3A1676805313%3Ac%3A1%3Arn%3A105708173%3Arqn%3A1%3Au%3A1676805313840375773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A25%2C116%2C291%2C55%2C0%2C0%2C%2C475%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676805311349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676805313%3At%3ALevel.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fmkb.level.travel%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A699289518221%3Ahid%3A446119328%3Az%3A0%3Ai%3A20230219111513%3Aet%3A1676805313%3Ac%3A1%3Arn%3A105708173%3Arqn%3A1%3Au%3A1676805313840375773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A25%2C116%2C291%2C55%2C0%2C0%2C%2C475%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676805311349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676805313%3At%3ALevel.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 77

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9919.W-XVsvEd9MS_k27W9PgmEuNfcOMC4ThQ5ppNSo9-VBwa24S3bZMoCThJuZ0gmn_D.g5o_mg186iU9nMYB2JBO6MtjX7I%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9919.ud9EdxGV8VZfP2VTzSnN6fwRaa6NA-6DVcDfSMVD0gqvklqGhYFFzXXS4mmpIABhOG6Ri7cNlQlKbXlw8xvNFU9H1MSkgP_QjhofIrQzS24%2C.cjT32Wg7BORPwElHvV_GII3rIfI%2C

113 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mkb.level.travel/ 67 KB
26 KB 432ms
291ms Document
text/html 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://mkb.level.travel/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

f431b4387f334072e66aa90f429c13d30559ce0b035845258cccdc9f1ac1f12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 11:15:11 GMT
etag: W/"f431b4387f334072e66aa90f429c13d3"
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 213
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 613adffc-ee9b-4ca1-9d63-d2a4c7fe8a9e
x-runtime: 0.201220
x-xss-protection: 1; mode=block

GET
H2 200 advertising.js Show response
mkb.level.travel/ 19 B
155 B 67ms
65ms Script
application/javascript 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://mkb.level.travel/advertising.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 8a4df19b0bf3a3bd51dae4e0750181c7b35046cb1c3d32d8ca80b926cbb8fc1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:11 GMT
x-envoy-upstream-service-time: 10
last-modified: Wed, 01 Feb 2023 14:26:44 GMT
server: nginx/1.23.2
content-length: 19
content-type: application/javascript

GET
H2 200 index.prod-d06d5f6aba208de368cd0fbad39b844c6864396c1e14dd83db6e0ae1cbc552d8.css
cdn.yc.level.travel/assets/application_new/ 164 KB
47 KB 352ms
129ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/application_new/index.prod-d06d5f6aba208de368cd0fbad39b844c6864396c1e14dd83db6e0ae1cbc552d8.css
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 0891e821245dbc4c12acbae740c2ec4792b8a8d4ffbc3fba9570dee51501486c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc97
date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
age: 158128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-cached-since: 2023-02-16T07:51:51+00:00
last-modified: Tue, 14 Feb 2023 11:53:15 GMT
server: nginx
etag: W/"e73d5fe4b27514d402b66bec2ae31240"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: GHzZjrgwsxpsiTSUB70b130S7wXgsYcQDwJNxIGqi1KuWGEdHyiwhg==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2 200 pages.prod-5217186c903ca0b6537860f42d33dc536b8a369d2bac7aa561a6f34778d3e828.css
cdn.yc.level.travel/assets/application_new/ 797 KB
123 KB 386ms
162ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/application_new/pages.prod-5217186c903ca0b6537860f42d33dc536b8a369d2bac7aa561a6f34778d3e828.css
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 221c04df196a8f87a4b9b2ca9acb18e3c512510c5745e7b56a52d1019ad3064b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc8
date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: gzip
via: 1.1 d75767e25d58a643b0b793855f4459c8.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T17:20:58+00:00
content-length: 125521
last-modified: Thu, 22 Dec 2022 10:12:56 GMT
server: nginx
etag: "886270bd585aec4bc077fb08d3c2d49f"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: xCaT8CvGb8eNtdrbzZlPtQyZfvY9CAgokUIblUijOYeRqgQt0zLw3A==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2 200 Backpack-Regular.woff2
cdn.yc.level.travel/fonts/backpack/2.004/ 60 KB
60 KB 330ms
88ms Font
binary/octet-stream 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/fonts/backpack/2.004/Backpack-Regular.woff2
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: fa83df65c1d49b28fe45cbb89379d9bf9ecc9a99457b7ddba7f4ff6b66c0371e

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc47
date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 a64b49e5551565c12c7314b5e4419ba4.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
age: 62542
x-cache: Hit from cloudfront
x-cached-since: 2023-02-19T11:15:09+00:00
content-length: 61100
last-modified: Mon, 05 Sep 2022 10:52:09 GMT
server: nginx
etag: "2615800d72f959f185ef4cff9e106c5c"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: LTMMZ04VoqUYQt9OgULXc-IZ7fEZsgmXPFBPe-SJYoJHT_Z1BzBWJA==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2 200 Backpack-Bold.woff2
cdn.yc.level.travel/fonts/backpack/2.004/ 60 KB
60 KB 297ms
55ms Font
binary/octet-stream 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/fonts/backpack/2.004/Backpack-Bold.woff2
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 7a42c7ef169a03d3c3db6f4371b67fc0e4ed9bb238a9009bcc3472d00e6e6e05

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc47
date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 a64b49e5551565c12c7314b5e4419ba4.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
age: 71932
x-cache: Hit from cloudfront
x-cached-since: 2023-02-16T01:06:38+00:00
content-length: 61028
last-modified: Mon, 05 Sep 2022 10:52:09 GMT
server: nginx
etag: "808fee202a362b5d1a59ab0d98aeef8d"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: ZYkMAqi1xo5hBn8OYUah41bv7PehubGULSWqICzgmmbNbV683BMZmw==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

279 KB
82 KB

193ms
62ms

Script
text/javascript

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

90e6c55ba14e7ee634603e185b74abab10eea3279519a373a2c64e187950dcc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1676805312519832-13446700474347200455-sas3-0632-00e-sas-l7-balancer-8080-BAL-3481
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 19 Feb 2023 12:15:12 GMT

Redirect headers

date: Sun, 19 Feb 2023 11:15:12 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location: https://yandex.ru/ads/system/context.js
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0

GET
H2 200 open_api.js Show response
cdn.yc.level.travel/5.0/ 2 MB
553 KB 2613ms
2613ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/5.0/open_api.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 2b5d42a173daf57cdd8f1be562ea25b4ebb42753a2d755dc5f0d70ea04249487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-cached-since: 2023-02-15T14:01:09+00:00
last-modified: Tue, 07 Feb 2023 12:51:28 GMT
server: nginx
etag: W/"b954be18d8b90cf6a545d73fbc5fb951"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: om0Oih44PGJf7xL1pq2nIC0x_ZospWUXdg4LDb5Mr1wuWSQDg2geUA==
expires: Sun, 19 Feb 2023 15:15:13 GMT

GET
H2 200 widget_base.css
cdn.yc.level.travel/5.0/stylesheets/ 40 KB
21 KB 339ms
116ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc43
date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 7599c9263666c70e7c78c161a02a07f8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
age: 480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-cached-since: 2023-02-15T14:01:09+00:00
last-modified: Tue, 07 Feb 2023 12:51:28 GMT
server: nginx
etag: W/"2d4136f7a37e3b5715315ac93a3bcfea"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: TBA8grvcw_6PsAocSP8j58NU5CuTQ44DJBakvm80ccP0sPcbp4wfrg==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2 200 modern.css
cdn.yc.level.travel/5.0/stylesheets/widgets/search_widget/ 58 KB
10 KB 348ms
125ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/5.0/stylesheets/widgets/search_widget/modern.css
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 32e11ea44f4e016aeac986c0c12e7b23591c3920973d6712c0c20c94510e4979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc43
date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 c5986ba12cee41e584b5d9b9a9b15446.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-cached-since: 2023-02-15T14:01:09+00:00
last-modified: Tue, 07 Feb 2023 12:51:28 GMT
server: nginx
etag: W/"12ad9a55e967938ee7111def4d0bb586"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: t7pTzvWvszKmJqId3Mo7jHqP6t3W2GVXRMqVwjh-a-ChIzsLttGnuQ==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2 200 js-assets-production.js Show response
mkb.level.travel/assets/ 321 KB
107 KB 66ms
59ms Script
application/javascript 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://mkb.level.travel/assets/js-assets-production.js?v=a70ce6d39763fcb0e77358e202c04de0
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 043cefda94117c97515858fff9cd8ab21690431bb45c4a66e7b081e766ad8f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 3
last-modified: Fri, 17 Feb 2023 11:50:31 GMT
server: nginx/1.23.2
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 common.prod-ede48821d435896eefb67ca8bee8ce07e8853384fe0fa3a905b24459f805eca8.js Show response
cdn.yc.level.travel/assets/lt/ 886 KB
265 KB 2722ms
2713ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/lt/common.prod-ede48821d435896eefb67ca8bee8ce07e8853384fe0fa3a905b24459f805eca8.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ede48821d435896eefb67ca8bee8ce07e8853384fe0fa3a905b24459f805eca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc88
date: Sun, 19 Feb 2023 11:15:14 GMT
content-encoding: gzip
via: 1.1 071c6d250f90381986ebbec31df7b7e4.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T16:02:32+00:00
content-length: 271056
last-modified: Thu, 10 Nov 2022 10:47:16 GMT
server: nginx
etag: "339af919b2a168c24ba8113451fe0f28"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: bNSf6WKhP_qI5e15KmoVzEsrzCsqDBklD7dvompF8aSJSDtRlVDIhw==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 channel_tracker.prod-aa1f145001d24d5637a5009672ea8ba9900d69b0e9d914229cbcb8c79460308c.js Show response
cdn.yc.level.travel/assets/lt/ 28 B
299 B 2725ms
2716ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/lt/channel_tracker.prod-aa1f145001d24d5637a5009672ea8ba9900d69b0e9d914229cbcb8c79460308c.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: aa1f145001d24d5637a5009672ea8ba9900d69b0e9d914229cbcb8c79460308c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc90
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 9e7d825887069100f188900375c625e6.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
age: 18041548
x-cache: Hit from cloudfront
x-cached-since: 2023-02-17T13:40:55+00:00
content-length: 28
last-modified: Fri, 15 Apr 2022 10:22:46 GMT
server: nginx
etag: "f423880311cb53ed06e2c208c310995c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: SYdYcGHayBo4DU5TW4jbYh7dWyJLEVkOOrDf-YrLBcfAMHdHNCWkFQ==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 analitics_starter.prod-74c4d53543308577c8d4ff8bcdaa4929f1b20174f8434abc6b9d2d6135245c88.js Show response
cdn.yc.level.travel/assets/lt/ 28 B
275 B 2653ms
2644ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/lt/analitics_starter.prod-74c4d53543308577c8d4ff8bcdaa4929f1b20174f8434abc6b9d2d6135245c88.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 74c4d53543308577c8d4ff8bcdaa4929f1b20174f8434abc6b9d2d6135245c88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc45
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 d00a1eb2ccbcadee246787853beba6e4.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
x-cached-since: 2023-02-16T13:41:22+00:00
content-length: 28
last-modified: Wed, 18 May 2022 17:50:25 GMT
server: nginx
etag: "78173e05d9b688b2b839a3e03064c663"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: b863ExWr5H9Yg7zcYXyVH-wENqy24gw8yr0Ke-weXswQZgiSkTgBXw==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 locations.js Show response
mkb.level.travel/ 91 KB
15 KB 120ms
119ms Script
text/javascript 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://mkb.level.travel/locations.js

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

7d5d9614f2ec7f119a6b3dbff0a7b9099ab8f2e179eb87cdc518c5c2e831cabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-runtime: 0.048433
date: Sun, 19 Feb 2023 11:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
x-permitted-cross-domain-policies: none
etag: W/"7d5d9614f2ec7f119a6b3dbff0a7b909"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 58
x-xss-protection: 1; mode=block
x-request-id: 803dd588-91b2-4598-9280-98e5017399a2

GET
H2 200 messages-locale.js Show response
mkb.level.travel/ 40 KB
14 KB 112ms
112ms Script
text/javascript 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://mkb.level.travel/messages-locale.js

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

893b65220aa42e31dad92a0db810f67f090a1fecacf8cd1e7b573aaddb6cacd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-runtime: 0.046723
date: Sun, 19 Feb 2023 11:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
x-permitted-cross-domain-policies: none
etag: W/"893b65220aa42e31dad92a0db810f67f"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 53
x-xss-protection: 1; mode=block
x-request-id: 7170f806-6142-4ef0-9a69-0b2bced41c44

GET
H2 200 core.prod-c0e257515bce60ae11d51ae5c16cb07d6fccd866fb96e28fefb5894e3f0ce1d6.js Show response
cdn.yc.level.travel/assets/lt/ 1002 KB
280 KB 2636ms
2628ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/lt/core.prod-c0e257515bce60ae11d51ae5c16cb07d6fccd866fb96e28fefb5894e3f0ce1d6.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c0e257515bce60ae11d51ae5c16cb07d6fccd866fb96e28fefb5894e3f0ce1d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc86
date: Sun, 19 Feb 2023 11:15:14 GMT
content-encoding: gzip
via: 1.1 828a61ebc3af4e0465a5577a4c08af7a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T16:56:30+00:00
content-length: 286315
last-modified: Sun, 04 Dec 2022 16:06:07 GMT
server: nginx
etag: "d85c9bf83a31f080bcadf45ae0a626ed"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: zVN87RUZQD1Yg_NgKe7flpmRimc1wjziXmcO1X3aU7rxjZUVCeR4Ng==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 13.5b6e72845049153bc43e.css
cdn.yc.level.travel/assets/ 780 B
787 B 256ms
84ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/13.5b6e72845049153bc43e.css
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 6188448749f38159f7cbdcd476a9ac250716b3de489d320f9ce0bf8493cfef91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc88
date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 60e71fe7e3db53eea86ce8b59ae62a6a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-cache: Miss from cloudfront
x-cached-since: 2023-02-18T09:00:48+00:00
last-modified: Mon, 06 Feb 2023 03:44:23 GMT
server: nginx
etag: W/"38fbc1e3814d2eb07449c65d00f15046"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: Faq_507_GKje6-I1SJeCfBUN6v18HChsto55NWM0lB0oULke9daHMA==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2 200 49.e91924b986dd6c65ef77.css
cdn.yc.level.travel/assets/ 852 B
653 B 335ms
163ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/49.e91924b986dd6c65ef77.css
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: bc430539591468bf57af8595dfbbdda52aaf207186f9e9cd88a00768466be38e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc7
date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 dc19f9aa143f2b0385b8365f1f0463ee.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-16T09:24:13+00:00
last-modified: Thu, 16 Feb 2023 09:14:54 GMT
server: nginx
etag: W/"67b8a66b4fbda16d9d2eaa2cde182200"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: 6tSOHIrZLfdfQi00yRT3yd1WuSPfNFaUDji8PdSd0RgLYGTkPw3jqw==
expires: Sun, 19 Feb 2023 15:15:12 GMT

GET
H2 200 runtime._910ac3b7fd1f704f3d85.prod.js Show response
cdn.yc.level.travel/assets/ 6 KB
3 KB 2725ms
2717ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: effc08e377417759ae108cd32fcd1351d7a21018d2619b61f0c36a3189c3ee6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 b71ee3139663184bee1555c303dce71e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"68b14f9c026623315cc0ec63e89431ce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: yKK3nVS2NpsLSb6HlpozJhGB01I5-rrotdaxx9S7i0u4JCY4VE9Stw==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~confirm_email~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~or~332efeba._fc7b42f12182b74f1cfd.prod.js Show response
cdn.yc.level.travel/assets/ 40 KB
17 KB 2724ms
2716ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~confirm_email~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~or~332efeba._fc7b42f12182b74f1cfd.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 00a34b6d9b188b60177248efe34734eb3889ad8a54a2fe4a1706c631d3f5ee0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc98
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 c5f2c8f2b8922a39129e7a665358cf9e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T13:13:42+00:00
last-modified: Fri, 17 Feb 2023 13:09:03 GMT
server: nginx
etag: W/"f571171ca20e44141eb2528dff6f4f1e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: b69J_Gh1pQ1iDzvmVfrhJYJN3Et_EmT8_12Y3IxBlCkWfhncYy5NkQ==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~confirm_email~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~or~b1b67422._8042bc32f22e6777b050.prod.js Show response
cdn.yc.level.travel/assets/ 249 KB
95 KB 2719ms
2712ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~confirm_email~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~or~b1b67422._8042bc32f22e6777b050.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: fc9bd73a42e44d620b7c1e1f7357d7138bd3e215e47f7a3efb8b025b48d1365d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc45
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 69154db4091f3dbde5ecf072840fdce0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"ec0e3af16208f6aaefd7750350397ed2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: l4Zl7jfjyLY75yHCJlKhtJl3VyRuxjn_37qtstavknHNNvf0lGpnUA==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_chan~76292368._d192748e6ac1000bc3d8.prod.js Show response
cdn.yc.level.travel/assets/ 113 KB
42 KB 2723ms
2716ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_chan~76292368._d192748e6ac1000bc3d8.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 6e3147a1afe472902a2191e21db89a01b78710d634f8aa691044d33af67761c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 753b5d9899259f7b8bd50e1338255e42.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"60b56402fc8864374f9df02dbf0fe718"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: mMxLemjPBposgybag1oxqtMKSGmw05BnSfSOndQxr-aQxzmIDv7yTg==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_changing~5ce475db._31e520e4304e666f584a.prod.js Show response
cdn.yc.level.travel/assets/ 248 KB
82 KB 2720ms
2713ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_changing~5ce475db._31e520e4304e666f584a.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 6bba741c50ad1356cad804f44ef95d9dadd883fe7a9e9bffa95cc0a67c51fbfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc99
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 d3e98d8cca4d16199794e4f4191b942c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"87e4c5178a99233265cc7bca10e99f72"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: dboDqJY5wA6Y8vpiemfshE3RbGe5xiH_U9orbPX8jI1x1uCXJrCCKQ==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_changing~cc28ca94._7ae8f8936a22a8d99b7c.prod.js Show response
cdn.yc.level.travel/assets/ 189 KB
68 KB 2720ms
2713ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_changing~cc28ca94._7ae8f8936a22a8d99b7c.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 3d967c577738715c8018063868b249f9548ab7bc8621dab56522acbc1a77edff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc45
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 78d8604061740cf37281a862360cef5c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"db42ef7ddc5a687dd8dd874cb34fbcb4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: gf1j_4nsYwn2uV_Dhxcojsoo-sm_to0zfeXQvCUsEjOQ9yMQPtmWTA==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_chan~bd3f7c11._1801cd8bb1c5d0231846.prod.js Show response
cdn.yc.level.travel/assets/ 81 KB
20 KB 2716ms
2709ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_chan~bd3f7c11._1801cd8bb1c5d0231846.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 76deaffe901c37bbc52a16686f01068ea3698272e3e9b8731743f39b02e631c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc43
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 9e7d825887069100f188900375c625e6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"6bcbafdaaed64bee5ef5ea6b92ee2c7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: 11sUTaNZstzwce_t_wI63KC47ysOFs_WO8_PWy4JgQGAKF348ZR4gQ==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~gift_certificate~header_app~home~hotels~order~order_changing_request~26f5bfc2._68f131ea3154da9e75bf.prod.js Show response
cdn.yc.level.travel/assets/ 90 KB
34 KB 2723ms
2717ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~gift_certificate~header_app~home~hotels~order~order_changing_request~26f5bfc2._68f131ea3154da9e75bf.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 9ad6dda2045d852a9cbc1be3790511cb31d9e9e0c8d51bd4f56439345ee2b335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc90
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 c5f2c8f2b8922a39129e7a665358cf9e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"3803f07f2bc49c2411a42d0a84d239ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: pjHBel8S8oMuQdwBmVzPIRyJ-8tAP4Bd74HJ2IC6DUG70znyx9EriA==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_changing~f4b01f79._66d89638869c7dbcf961.prod.js Show response
cdn.yc.level.travel/assets/ 75 KB
28 KB 2721ms
2715ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~order_changing~f4b01f79._66d89638869c7dbcf961.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: efe62cf122a23e6b2c0096ccdbdc76f62b6287da1e9f49daf73d4a1578a07762

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 8f67e81092ebd47bc649d954af911676.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"a0ddef1a2d8633eeaa41b060b6a49728"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: fLhmBZKmz7OfPoZL9Ltd54ipvF4sIcwJOap50Tz62iGs8dlfRm8cnQ==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~pac~02511aba._96c566e4e2e76334a89f.prod.js Show response
cdn.yc.level.travel/assets/ 20 KB
8 KB 2721ms
2715ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~pac~02511aba._96c566e4e2e76334a89f.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 3f05b0e5451aae16a1a8ffe0ad14b522475d45eec5d69dbcdf8142a2858b4d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 1be5216f770ec05deb91e9e25b61b898.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"6e57ab4554f7c54b1bdf61dcc1008ea8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: X7cVzra5VI8Rjdu1Qy7i8YGPpIakOXXFjDU2vunow5xSYbc4yHjqdg==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~header_app~home~hotel_reviews_page~hotels~order~order_changing_reque~56f0790d._1344035dffa0cdbaaedb.prod.js Show response
cdn.yc.level.travel/assets/ 13 KB
5 KB 2649ms
2643ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~header_app~home~hotel_reviews_page~hotels~order~order_changing_reque~56f0790d._1344035dffa0cdbaaedb.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 59a3b44a649f9c614746281ecffa320a0373ec1b97eb588e20d6b5744f5cbe01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 7d12bef71f48487e9202b581d949876e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"b66566533b70d9cf9fd0952b21388a3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: VtdikUZoGydxFN5CR7cWUScyjxn4bgHlZxBZv2EVIJ4LDDY1aawcsg==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~gift_certificate~header_app~home~order~order_changing_request~packag~0e86e378._4eb291b039d49c0109c4.prod.js Show response
cdn.yc.level.travel/assets/ 31 KB
11 KB 2718ms
2712ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~gift_certificate~header_app~home~order~order_changing_request~packag~0e86e378._4eb291b039d49c0109c4.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 92a38f46aeb188dfcb4bd32edd7a74b4e698c5a18934684a3665c0acffdfd90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc88
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"59be5e532b8b706f86a7d91b7c368898"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: 0sWeEc2Skj-_yfHlmegrkzHXUSnVRxbCWHq5fTzKVXz6APRqZx-yaA==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~packages~searc~8d87c16f._030a505559753a04ec7d.prod.js Show response
cdn.yc.level.travel/assets/ 18 KB
7 KB 2723ms
2717ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~about~client~gift_certificate~header_app~home~hotel_reviews_page~hotels~order~packages~searc~8d87c16f._030a505559753a04ec7d.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e6abdfd0d571c6e988e55de003348bf09570be6bb9063bdd949ca4661cf74b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc98
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 60e71fe7e3db53eea86ce8b59ae62a6a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"deb47a27572764b33b1f1ae5847309b6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: IHlZebVnVOS2NSSe5wUUv3L1K3apKRNDvg0Tygmf-oOayZ5QZJSA-A==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~header_app~home~hotels~order~order_changing_request~packages~search~~deca8834._1fd470e2478629aad7d2.prod.js Show response
cdn.yc.level.travel/assets/ 16 KB
6 KB 2721ms
2716ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~header_app~home~hotels~order~order_changing_request~packages~search~~deca8834._1fd470e2478629aad7d2.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: cd406d92383c115e6275d817e219d3d891b1c2dcd6ed8484d013cd35982bdc64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 d04998a67c7a3fb6819bd5fdd0bbe124.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"685e89754384140c10af0938a5936700"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: 0wYAfP-KEw-YOT5DLwVSMTZb7kwYaZ0flnGJt0Mfup4dQx14DVOutA==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~header_app~home~hotels~order~packages~search~seo_page~testimonials._0c6c02c31a840d2d9660.prod.js Show response
cdn.yc.level.travel/assets/ 15 KB
5 KB 2649ms
2643ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~header_app~home~hotels~order~packages~search~seo_page~testimonials._0c6c02c31a840d2d9660.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 5b20a9c3edcca52de72bed13f0005092bab954ab594dddb022de097a228593c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc86
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 854e69d09dba9252a1cd2401bf2be25e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"a3ad34c2dd9eb9c6c3c3cdaa739257de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: dBcL7_2BDUs01sDO6e6ud5Wu7lSaDzCs7bQWasoDN4ey-2U6jYQhFQ==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~Cigarette~HeaderAuth~about~client~header_app~home~order~order_changing_request~packages~testimonials._55ee770bae8c85617dce.prod.js Show response
cdn.yc.level.travel/assets/ 56 KB
20 KB 2604ms
2599ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~Cigarette~HeaderAuth~about~client~header_app~home~order~order_changing_request~packages~testimonials._55ee770bae8c85617dce.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 883aa99a1a0e874e1ede1eca7a5db6c04ff9b11d793c9295f6031f1cea91f1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc79
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 99578e20c0b3a3e3de02b1f1fe508f98.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"12f05535790bcad3d1822e792aa32962"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: RHrqwXLY9Q0uBowmzHWb0qwsulNDVfkX8pSX9lUrebGZyA3Yu1NAoQ==
expires: Sun, 19 Feb 2023 15:15:13 GMT

GET
H2 200 vendors~HeaderAuth~about~client~header_app~home~order~order_changing_request~packages~testimonials._77582d878d7465d382d7.prod.js Show response
cdn.yc.level.travel/assets/ 141 KB
47 KB 2719ms
2714ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~header_app~home~order~order_changing_request~packages~testimonials._77582d878d7465d382d7.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 5984ae19b88a1704b132a34f647985d4062f492faec97c645d5c4ea66a240145

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 2b6f385212d54f32d2c4991db852b20e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"da066a1dc66d60a2dd138b54093f66ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: fJ9KgxAHjnP2GLQ8z3e5PsHdKGCmFKc1zeSNZ8TePdDA_kEXPV873w==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~header_app~home~order~packages~socialAuthRedirectHandles~testimonials._ca87d637322460bbf6d4.prod.js Show response
cdn.yc.level.travel/assets/ 99 KB
39 KB 2717ms
2712ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~header_app~home~order~packages~socialAuthRedirectHandles~testimonials._ca87d637322460bbf6d4.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c14049ed9ea27318bc5784b140a91c8ba59bbee385ab34ed27d2406358b060e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc43
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 e3d7e26a5df51c85de01773b18b95a58.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"411108c6be1e0191de2c6487588d218a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: jf6TBPyjvDByNDnFQpTNkS9lxoqwiH79bqPVSALKQ592jBy3lp16hQ==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 vendors~HeaderAuth~about~client~header_app~home~testimonials._0ac6233f26427a4d9c40.prod.js Show response
cdn.yc.level.travel/assets/ 571 KB
386 KB 2718ms
2714ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth~about~client~header_app~home~testimonials._0ac6233f26427a4d9c40.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 57911eb2d491143e1ffcc35ce768e588b14e6eca21844b96f1f3d015985e61d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc79
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 0186e9c41d0aebb13c1398b95b7f4756.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"f1f095fade1125cfa9fd27eaec924c6a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: gBplnPq3H9H-SIFbu-YaHG7Xfakjqj_IShYA7eZaIjOJ7XfkTc2LWg==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 about~gift_certificate~header_app~home~hotel_reviews_page~pay_card._9620340ccdd8a7215b5a.prod.js Show response
cdn.yc.level.travel/assets/ 17 KB
7 KB 2649ms
2645ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/about~gift_certificate~header_app~home~hotel_reviews_page~pay_card._9620340ccdd8a7215b5a.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e6a6ebb1db649d83a213df6daacf0accd2a529d938003754765344b7386c6cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc45
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 2b6f385212d54f32d2c4991db852b20e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
age: 8
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-cached-since: 2023-02-17T13:14:03+00:00
last-modified: Fri, 17 Feb 2023 13:09:03 GMT
server: nginx
etag: W/"85400afa60f90178fac248d0f6389d12"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: r70Pwto7D8yEAQ-f9dFmbdNAE2c-Fg0MsqLhMyG8aJmAem0f9Zg9ng==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 home._5d80adabe7499345ab54.prod.js Show response
cdn.yc.level.travel/assets/ 321 KB
116 KB 2718ms
2714ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/home._5d80adabe7499345ab54.prod.js
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d9891ba809608e1fc1f97bce33cdd24422cd6a3aca8286f71d32ac516a72ed14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 d549fb9f9483336ecc8e66bbc5db422a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:22:58+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"01e1b0ea3a6c8ae530901e6031e14506"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: Fa6iObaInWzNykiUKCE6jgpM4bh_Wydl6c8cT5PewgKrEXLZ4Zo01A==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 378 KB
81 KB 140ms
75ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdf2708e75cf50e9a997d8193138a9693643401aaf4f0d03b79da90f14e461a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82680
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Feb 2023 11:15:12 GMT

GET
H2 200 flags-e0897b7176ddb11f350484098188fa45604c020bb112cb5bb1e94502338ff6d8.png
cdn.yc.level.travel/assets/ 122 KB
122 KB 2696ms
2695ms Image
image/png 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.yc.level.travel/assets/flags-e0897b7176ddb11f350484098188fa45604c020bb112cb5bb1e94502338ff6d8.png
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/application_new/index.prod-d06d5f6aba208de368cd0fbad39b844c6864396c1e14dd83db6e0ae1cbc552d8.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e0897b7176ddb11f350484098188fa45604c020bb112cb5bb1e94502338ff6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.yc.level.travel/assets/application_new/index.prod-d06d5f6aba208de368cd0fbad39b844c6864396c1e14dd83db6e0ae1cbc552d8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 1be5216f770ec05deb91e9e25b61b898.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
age: 17916656
x-cache: Hit from cloudfront
x-cached-since: 2023-02-17T13:40:55+00:00
content-length: 124897
last-modified: Tue, 13 Mar 2018 16:22:15 GMT
server: nginx
etag: "4bce9dd33500f2b02883d32efb3cd88f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: my5AZWte6MoHv3JWpKFZRPa78-y8Uap9Z63Y9deQplD5b_e1hXR8Gw==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 flags@2x-fc36c4479e7fc1e376a57235910b110db6a3247a02b400c0e6dd6a4909453205.png
cdn.yc.level.travel/assets/ 246 KB
247 KB 2694ms
2694ms Image
image/png 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.yc.level.travel/assets/flags@2x-fc36c4479e7fc1e376a57235910b110db6a3247a02b400c0e6dd6a4909453205.png
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/application_new/index.prod-d06d5f6aba208de368cd0fbad39b844c6864396c1e14dd83db6e0ae1cbc552d8.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: fc36c4479e7fc1e376a57235910b110db6a3247a02b400c0e6dd6a4909453205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.yc.level.travel/assets/application_new/index.prod-d06d5f6aba208de368cd0fbad39b844c6864396c1e14dd83db6e0ae1cbc552d8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc90
date: Sun, 19 Feb 2023 11:15:14 GMT
via: 1.1 a64b49e5551565c12c7314b5e4419ba4.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
age: 5812774
x-cache: Hit from cloudfront
x-cached-since: 2023-02-17T13:37:08+00:00
content-length: 252017
last-modified: Tue, 13 Mar 2018 16:22:16 GMT
server: nginx
etag: "1419d1ae2e802ca8a25b1e2f3be11d65"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: YskUh9_N0Dc97sDZaTGG36NLPJ0W6hJzW8jLBDwwWqoeBiwLVNfx2A==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 bg-9.jpg
mkb.level.travel/s3/head/ 145 KB
145 KB 249ms
249ms Image
image/jpeg 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mkb.level.travel/s3/head/bg-9.jpg
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 30c0a81bb7b8f7295d8369bfd50edf23edcf96735048714a8e57138c45aa45f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
x-amz-version-id: bJoJfJcZ86rbnpDg2POVry5v00ICp37Z
last-modified: Mon, 23 Jul 2018 10:41:58 GMT
server: nginx/1.23.2
x-amz-request-id: CNT96C9NJ1A1NEA2
etag: "5fb6079c049090a572cac358a828ccf1"
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 148442
x-amz-id-2: jaSiOAmvViPjJ1lzG0mD2mnjpPmw9sl8QKvVbo6tCwD3rmCiir86AAAVRalba5zl01B+6FTUxSg=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff8e17ec3f755a7844908ba233a30eee9e82ccca0d543f72adf688c4d660643

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 71ms
22ms Script
text/javascript 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 10:08:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3993
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Sun, 19 Feb 2023 12:08:39 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 119 KB
46 KB 50ms
26ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-T5QFWGM

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a829f0bfc7b7f14d0c5b4c0e8ba24e9e694ba071783271230de6ae7357956cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46701
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 11:15:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 10:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1228
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Feb 2023 12:54:44 GMT

GET
H/1.1 200
OK loader.js Show response
api.flocktory.com/v2/ 268 KB
79 KB 341ms
74ms Script
application/javascript 52.17.120.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flocktory.com/v2/loader.js?site_id=2113
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.120.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-120-67.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 8f7ea8576ab051ca7f8e4dfd20abcd7ada3994ace4a7b4eb1fbd6f56d7557041

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 11:15:12 GMT
Content-Encoding: br
x-amz-request-id: H3C3HB922CZVHPGB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 80230
x-amz-id-2: RugVTcgcWa4ou3VjwOOtXGUR0bNAa04ZeQtpAiJXAq4vxi4dAytdLjrkLswCKB/sxHEWqLdYPc4=
Last-Modified: Tue, 07 Feb 2023 11:51:50 GMT
Server: openresty
x-amz-meta-s3cmd-attrs: atime:1675770665/ctime:1675770665/gid:0/gname:root/md5:9241b678704372f4d7ea2591a6141bc0/mode:33188/mtime:1675770665/uid:0/uname:root
ETag: W/"9241b678704372f4d7ea2591a6141bc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK tracker.js Show response
api.mindbox.ru/scripts/v1/ 62 KB
20 KB 344ms
107ms Script
application/javascript 84.252.130.113
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbox.ru/scripts/v1/tracker.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx /

Resource Hash

d78e9fe6ff5155c0a981e5216f354d7475b9e5977d65dadac07b6ae77472bf9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src 'self' 'unsafe-inline'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 11:15:12 GMT
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-amz-request-id: 8c6c457ae43a98bf
transfer-encoding: chunked
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 03 Feb 2023 10:29:40 GMT
server: nginx
etag: W/"955b21457f057e8014f21aee64e44d54"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-frame-options: DENY
content-type: application/javascript
cache-control: public,max-age=604800
feature-policy: vibrate 'self'

GET
H2 200 tracker.js Show response
cdn.yc.level.travel/tracker/ 26 KB
11 KB 2569ms
2569ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/tracker/tracker.js?1676805312502
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 4663ef8d83e43b296729ac8ac6fc18977c3f082a91a4d7475b14b147eaeb95bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc7
date: Sun, 19 Feb 2023 11:15:15 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
age: 60
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 09 Feb 2023 15:13:15 GMT
server: nginx
etag: W/"b79ccf25d2e9302825a2cc5b60a467e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: MISS
x-amz-cf-id: mDRWI4eTECIjhWHb-ys0F7kYtCdCr3Tz3MydiUHogo56B3btO-mDsw==
expires: Sun, 19 Feb 2023 15:15:14 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 474ms
108ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-11ffd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73725
expires: Sun, 19 Feb 2023 12:15:12 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
198 B 24ms
23ms Image
image/gif 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1790245610&utmhn=mkb.level.travel&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Level.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&utmhid=332545083&utmr=-&utmp=%2F&utmht=1676805312493&utmac=UA-27369706-1&utmgtm=45He32f0n71P6VN73&utmcc=__utma%3D224965766.1687838476.1676805312.1676805312.1676805312.1%3B%2B__utmz%3D224965766.1676805312.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=202830835&utmredir=3&utmu=qmAgAABAAAGBAAAAAgAAAAAE~

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Feb 2023 11:15:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 96ms
20ms Script
text/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 10:30:17 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2695
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 19 Feb 2023 12:30:17 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-27369706-7&cid=1687838476.1676805312&jid=240606478&gjid=11091736&_gid=39970895.1676805313&_u=aSBCiEABRAAAAEAEK~&z=1333362050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Feb 2023 11:15:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mkb.level.travel
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
192 B 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=332545083&t=pageview&_s=1&dl=https%3A%2F%2Fmkb.level.travel%2F&ul=en-us&de=UTF-8&dt=Level.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&xid=gUwg0vEXS8y1Gepk1in1lA&xvar=1&_utma=224965766.1687838476.1676805312.1676805312.1676805312.1&_utmz=224965766.1676805312.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1676805312558&_u=aSBCiEABRAAAAAAEK~&jid=240606478&gjid=11091736&cid=1687838476.1676805312&tid=UA-27369706-7&_gid=39970895.1676805313&gtm=45He32f0n71P6VN73&cd3=none&cd5=1687838476.1676805312_1676805312558&cd4=1687838476.1676805312&cd6=none&z=1026783873

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 00:48:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 403 UA-27369706-7
google-analytics.bi.owox.com/ 14 B
14 B 76ms
17ms Image
text/plain 35.186.228.179
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google-analytics.bi.owox.com/UA-27369706-7?v=1&_v=j99&a=332545083&t=pageview&_s=1&dl=https%3A%2F%2Fmkb.level.travel%2F&ul=en-us&de=UTF-8&dt=Level.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&xid=gUwg0vEXS8y1Gepk1in1lA&xvar=1&_utma=224965766.1687838476.1676805312.1676805312.1676805312.1&_utmz=224965766.1676805312.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1676805312558&_u=aSBCiEABRAAAAAAEK~&jid=240606478&gjid=11091736&cid=1687838476.1676805312&tid=UA-27369706-7&_gid=39970895.1676805313&gtm=45He32f0n71P6VN73&cd3=none&cd5=1687838476.1676805312_1676805312558&cd4=1687838476.1676805312&cd6=none&z=1026783873
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.228.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.228.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
content-type: text/plain

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 57ms
32ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-27369706-7&cid=1687838476.1676805312&jid=240606478&_u=aSBCiEABRAAAAEAEK~&z=213702279

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:15:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 55ms
30ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-27369706-7&cid=1687838476.1676805312&jid=240606478&_u=aSBCiEABRAAAAEAEK~&z=213702279

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:15:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/724193/ 14 KB
5 KB 36ms
36ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/724193/1c0942547d39e10f5f56.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7d01f3eee46cd583abc3f0b0b30ec7e8b29029563be741cb7e8231720433a8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4802
last-modified: Thu, 16 Feb 2023 15:45:50 GMT
server: nginx/1.17.9
etag: "e98ae5c8cadc9fee5f3920da9eeb2f2e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Feb 2053 17:50:03 GMT

GET
H2 200 92b68fa2efde4b15e577.js Show response
yastatic.net/partner-code-bundles/724193/ 109 KB
24 KB 63ms
63ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/724193/92b68fa2efde4b15e577.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4519a36d095c6dfc4bae166c286d646705640c4fde4a751ab604eb3f24599286

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 23683
last-modified: Thu, 16 Feb 2023 15:45:51 GMT
server: nginx/1.17.9
etag: "a75af76f99968953147e3346a18f81e0"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Feb 2053 17:50:03 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 82ms
82ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Feb 2053 17:47:26 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 94ms
94ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: aff3d8963d417072
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:00:38 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/724193/ 23 KB
8 KB 100ms
100ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/724193/07cea2bf8567304efc16.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5384a770bd7a904a9d83df30726d08b7ef77b7486ddaafaafd652d957ef682d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7922
last-modified: Thu, 16 Feb 2023 15:45:50 GMT
server: nginx/1.17.9
etag: "b30427af2d87ae1d7fc6cf4c485c40fd"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Feb 2053 17:50:03 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/724193/ 7 KB
3 KB 101ms
100ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/724193/2ec9a88e40a26b53acde.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

adb951d47a01feb07cbcda6c9fa6d2d64ded5e85c00d25407aa7ff26a6dbbaec

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2065
last-modified: Thu, 16 Feb 2023 15:45:50 GMT
server: nginx/1.17.9
etag: "ef8dc2e3dc237f177e36ff4584b143b1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Feb 2053 17:50:03 GMT

GET
H2 200 464ade9f0fa6167f7452.js Show response
yastatic.net/partner-code-bundles/724193/ 564 KB
108 KB 101ms
100ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/724193/464ade9f0fa6167f7452.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2cf1611b158aeef1c393e22b03262b4ec857aae9a4b037b1b003611842208b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 109689
last-modified: Thu, 16 Feb 2023 15:45:50 GMT
server: nginx/1.17.9
etag: "f2d959e61d326d6cb0bca66c6351d3f7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Feb 2053 17:50:03 GMT

GET
H/1.1 200
OK provider.html Show response
api.flocktory.com/v2/provider/ Frame 1A97 38 KB
14 KB 35ms
35ms Document
text/html 52.17.120.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flocktory.com/v2/provider/provider.html
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=2113
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.120.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-120-67.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: dde19c00156fa9aaf2943c7e85e6f09640a2d546ecacc60435bdb630e4d56837

Request headers

Referer: https://mkb.level.travel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=604800
Connection: keep-alive
Content-Encoding: br
Content-Length: 14007
Content-Type: text/html
Date: Sun, 19 Feb 2023 11:15:12 GMT
ETag: W/"58501bae4cfa7ab42c180d63859c1088"
Last-Modified: Tue, 07 Feb 2023 11:42:21 GMT
Server: openresty
Vary: Accept-Encoding
x-amz-id-2: dDGRDZx/aRm/ex6gkEGonBJxDYCfS69v7WvhAFNAWQyLWwlWRHXZTysH9nrTu2xykNlSp1U39Ks=
x-amz-meta-s3cmd-attrs: atime:1675770093/ctime:1675770096/gid:0/gname:root/md5:58501bae4cfa7ab42c180d63859c1088/mode:33188/mtime:1675770093/uid:0/uname:root
x-amz-request-id: HRPWJH30E3K0SZ8Y
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK setup-api.js Show response
api.flocktory.com/u_shaman/ 17 KB
4 KB 122ms
87ms Script
application/javascript 52.17.120.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flocktory.com/u_shaman/setup-api.js?body=%7B%22siteId%22%3A%222113%22%2C%22utm%22%3A%7B%22source%22%3A%22direct%22%2C%22medium%22%3A%22none%22%2C%22campaign%22%3A%22direct%22%2C%22term%22%3A%22%22%2C%22content%22%3A%22%22%7D%2C%22site-session-id%22%3A%22210cf21f-56f5-4697-9b58-df0a69f1dee0-4%22%7D&callback=flock_jsonp_1

Requested by

Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=2113

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.120.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-120-67.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

bd3c25473f8f9055d553a479d27d8f4e9b189b0139dee0db3652b730b3e54c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 11:15:13 GMT
Content-Encoding: br
x-envoy-decorator-operation: shaman-public-api.production.svc.cluster.local:80/*
Strict-Transport-Security: max-age=604800;
Server: openresty
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 30
Connection: keep-alive
Content-Length: 3754

POST
H/1.1 200
OK track-visit Show response
api.mindbox.ru/v1.1/customer/ 134 B
894 B 93ms
92ms XHR
application/json 84.252.130.113
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbox.ru/v1.1/customer/track-visit?version=1.0.418&transport=XmlHttpRequest

Requested by

Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

Kestrel /

Resource Hash

96aea82cf4b88974a3aba08a2f7076254867d8691882d4ae1b4a278f3e9ff717

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' 'unsafe-inline'
date: Sun, 19 Feb 2023 11:15:12 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains; preload
content-length: 134
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: Kestrel
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
feature-policy: vibrate 'self'
expires: -1

GET
H/1.1 322
status code 322 mkb.level.travel.js
api.mindbox.ru/js/bydomain/ 0
0 178ms
68ms Fetch
application/javascript 84.252.130.113
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbox.ru/js/bydomain/mkb.level.travel.js?_=465779

Requested by

Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src 'self' 'unsafe-inline'
date: Sun, 19 Feb 2023 11:15:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-amz-request-id: ed0fc3eb27e22385
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
location: https://personalization-web-stable.mindbox.ru/init/unknown?_=465779
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method,Origin
feature-policy: vibrate 'self'
x-frame-options: DENY
access-control-allow-headers: *

GET
H/1.1 200
OK *.level.travel.js Show response
api.mindbox.ru/js/bydomain/ 0
948 B 194ms
82ms Fetch
application/javascript 84.252.130.113
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbox.ru/js/bydomain/*.level.travel.js?_=465779

Requested by

Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src 'self' 'unsafe-inline'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-amz-request-id: ef3f46a234b672ae
transfer-encoding: chunked
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 19 Feb 2023 09:07:39 GMT
server: nginx
etag: W/"d5b39e342a1899ea60ea6e5228adcfdc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method,Origin
feature-policy: vibrate 'self'
x-frame-options: DENY
access-control-allow-headers: *

GET
H/1.1 200
OK ultimate.js
api.flocktory.com/underworld/tracks/ 33 B
33 B 60ms
59ms Image
application/javascript 52.17.120.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.flocktory.com/underworld/tracks/ultimate.js?body=%7B%22data%22%3A%7B%22action%22%3A%22session.page_visit%22%2C%22payload%22%3A%7B%22resolution%22%3A%221600x1200%22%2C%22ga%22%3A%7B%22utmcsr%22%3A%22direct%22%2C%22utmccn%22%3A%22direct%22%2C%22utmcmd%22%3A%22none%22%2C%22h_utmcsr%22%3A%22%22%2C%22h_utmccn%22%3A%22%22%2C%22h_utmcmd%22%3A%22%22%2C%22previous_visit_ts%22%3A1676805312%2C%22current_visit_ts%22%3A1676805312%2C%22initial_visit_ts%22%3A1676805312%2C%22pageviews%22%3A1%7D%2C%22url%22%3A%22https%3A%2F%2Fmkb.level.travel%2F%22%7D%2C%22links%22%3A%7B%22site%22%3A2113%7D%7D%2C%22site-session-id%22%3A%22210cf21f-56f5-4697-9b58-df0a69f1dee0-4%22%7D&callback=flock_jsonp_9999

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.120.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-120-67.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 11:15:13 GMT
Content-Encoding: br
x-envoy-decorator-operation: tracks-general.production.svc.cluster.local:80/*
Strict-Transport-Security: max-age=604800;
Server: openresty
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 5
Connection: keep-alive
Content-Length: 37

GET
H2

200

counter2 Show response
top-fwz1.mail.ru/ Frame FA59
Redirect Chain

https://top-fwz1.mail.ru/counter?id=2951107;pid=bdc24c89-8faa-45fc-9590ddf3aa794110
https://top-fwz1.mail.ru/counter2?id=2951107;pid=bdc24c89-8faa-45fc-9590ddf3aa794110

43 B
960 B

51ms
51ms

Document
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter2?id=2951107;pid=bdc24c89-8faa-45fc-9590ddf3aa794110

Requested by

Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=2113

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: private, no-cache, no-store, max-age=0
content-length: 43
content-type: image/gif
date: Sun, 19 Feb 2023 11:15:13 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
pragma: no-cache
server: nginx
timing-allow-origin: *
x-content-type-options: nosniff

Redirect headers

accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: private, no-cache, no-store, max-age=0
content-length: 0
date: Sun, 19 Feb 2023 11:15:13 GMT
location: https://top-fwz1.mail.ru/counter2?id=2951107;pid=bdc24c89-8faa-45fc-9590ddf3aa794110
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
pragma: no-cache
server: nginx
timing-allow-origin: *
x-content-type-options: nosniff

GET
H2

200

/ Show response
wf.frontend.weborama.fr/streampixel/ Frame A7BB
Redirect Chain

https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22bdc24c89-8faa-45fc-9590ddf3aa794110%22%7D&d.r=1676805313035
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22bdc24c89-8faa-45fc-9590ddf3aa794110%22%7D&d.r=1676805313035&bounce=1&random=3744767948

67 B
143 B

25ms
23ms

Document
image/gif

34.117.176.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22bdc24c89-8faa-45fc-9590ddf3aa794110%22%7D&d.r=1676805313035&bounce=1&random=3744767948
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=2113
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.176.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.176.117.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 67
content-type: image/gif
date: Sun, 19 Feb 2023 11:15:13 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sun, 19 Feb 2023 11:15:13 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Weborama Collect Frontend
vary: Origin
via: 1.1 google

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 0
date: Sun, 19 Feb 2023 11:15:12 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sun, 19 Feb 2023 11:15:13 GMT
location: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22bdc24c89-8faa-45fc-9590ddf3aa794110%22%7D&d.r=1676805313035&bounce=1&random=3744767948
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Weborama Collect Frontend
vary: Origin
via: 1.1 google

GET
H/1.1

200
OK

cm.gif Show response
ad.mail.ru/ Frame AE5D
Redirect Chain

https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=bdc24c89-8faa-45fc-9590ddf3aa794110
https://ad.mail.ru/cm.gif?p=34&id=-DnfoWdXqNLL

43 B
764 B

169ms
54ms

Document
image/gif

2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/cm.gif?p=34&id=-DnfoWdXqNLL
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=2113
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=21600
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 19 Feb 2023 11:15:13 GMT
Expires: Sun, 19 Feb 2023 17:15:13 GMT
Last-Modified: Sun, 19 Feb 2023 11:15:13 GMT
Server: nginx
Timing-Allow-Origin: *

Redirect headers

Connection: close
Content-Length: 0
Date: Sun, 19 Feb 2023 11:15:13 GMT
Location: https://ad.mail.ru/cm.gif?p=34&id=-DnfoWdXqNLL
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server: nginx
Timing-Allow-Origin: *

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9919.Dv-6C1SV--HHn9TQl4FfRz9b95_CwfyTAClsqgTKpMazSzUdA9l8g1Lfxchx2r2l.u2oB3O4aPBLSGBHA0uLLshSJxSQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9919.5V8jzh00ne3xb4Jnch2oZtIsqJ60DMh2c8VwhQVIL4fBVE1Dtv-6ZwUz-w1QhAgDecpQ3SUvAcFg5iIh4Ho-s1M4ka5DMXAJPF_jqsH8B2I%2C.6C5zghnduezo3QjTICUbKMsIYJ8%2C

43 B
67 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9919.5V8jzh00ne3xb4Jnch2oZtIsqJ60DMh2c8VwhQVIL4fBVE1Dtv-6ZwUz-w1QhAgDecpQ3SUvAcFg5iIh4Ho-s1M4ka5DMXAJPF_jqsH8B2I%2C.6C5zghnduezo3QjTICUbKMsIYJ8%2C

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9919.5V8jzh00ne3xb4Jnch2oZtIsqJ60DMh2c8VwhQVIL4fBVE1Dtv-6ZwUz-w1QhAgDecpQ3SUvAcFg5iIh4Ho-s1M4ka5DMXAJPF_jqsH8B2I%2C.6C5zghnduezo3QjTICUbKMsIYJ8%2C
date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
161 B 68ms
56ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 19 Feb 2023 12:15:13 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/18706828/
Redirect Chain

https://mc.yandex.com/watch/18706828?wmode=7&page-url=https%3A%2F%2Fmkb.level.travel%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
https://mc.yandex.com/watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fmkb.level.travel%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...

454 B
788 B

54ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fmkb.level.travel%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A699289518221%3Ahid%3A446119328%3Az%3A0%3Ai%3A20230219111513%3Aet%3A1676805313%3Ac%3A1%3Arn%3A105708173%3Arqn%3A1%3Au%3A1676805313840375773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A25%2C116%2C291%2C55%2C0%2C0%2C%2C475%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676805311349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676805313%3At%3ALevel.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c617fbc50e70b12d23139a3729c3edbf5c7b10a6373764fd1339bb4c009b3b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 19-Feb-2023 11:15:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Sun, 19-Feb-2023 11:15:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 19-Feb-2023 11:15:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fmkb.level.travel%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A699289518221%3Ahid%3A446119328%3Az%3A0%3Ai%3A20230219111513%3Aet%3A1676805313%3Ac%3A1%3Arn%3A105708173%3Arqn%3A1%3Au%3A1676805313840375773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A25%2C116%2C291%2C55%2C0%2C0%2C%2C475%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1676805311349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676805313%3At%3ALevel.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://mkb.level.travel
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 19-Feb-2023 11:15:13 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9919.W-XVsvEd9MS_k27W9PgmEuNfcOMC4ThQ5ppNSo9-VBwa24S3bZMoCThJuZ0gmn_D.g5o_mg186iU9nMYB2JBO6MtjX7I%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9919.ud9EdxGV8VZfP2VTzSnN6fwRaa6NA-6DVcDfSMVD0gqvklqGhYFFzXXS4mmpIABhOG6Ri7cNlQlKbXlw8xvNFU9H1MSkgP_QjhofIrQzS24%2C.cjT32Wg7BORPwElHvV...

43 B
79 B

58ms
58ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9919.ud9EdxGV8VZfP2VTzSnN6fwRaa6NA-6DVcDfSMVD0gqvklqGhYFFzXXS4mmpIABhOG6Ri7cNlQlKbXlw8xvNFU9H1MSkgP_QjhofIrQzS24%2C.cjT32Wg7BORPwElHvV_GII3rIfI%2C

Requested by

Host: mkb.level.travel
URL: https://mkb.level.travel/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9919.ud9EdxGV8VZfP2VTzSnN6fwRaa6NA-6DVcDfSMVD0gqvklqGhYFFzXXS4mmpIABhOG6Ri7cNlQlKbXlw8xvNFU9H1MSkgP_QjhofIrQzS24%2C.cjT32Wg7BORPwElHvV_GII3rIfI%2C
date: Sun, 19 Feb 2023 11:15:13 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H2 200 track Show response
mkb.level.travel/event/ 16 B
384 B 88ms
88ms XHR
application/json 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://mkb.level.travel/event/track

Requested by

Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/lt/common.prod-ede48821d435896eefb67ca8bee8ce07e8853384fe0fa3a905b24459f805eca8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.027800
date: Sun, 19 Feb 2023 11:15:16 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
x-permitted-cross-domain-policies: none
etag: W/"c955e57777ec0d73639dca6748560d00"
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 31
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: fa2aa17e-cd3b-4f5a-8b0a-6b0d99660cfa

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/lt/core.prod-c0e257515bce60ae11d51ae5c16cb07d6fccd866fb96e28fefb5894e3f0ce1d6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 10:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1232
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Feb 2023 12:54:44 GMT

GET
H2 200 25-7afb7a03822e3d9c8991321e680581cca1ece4f520ba13bbc13b598ca601feed.gif
cdn.yc.level.travel/assets/ 13 KB
14 KB 524ms
524ms Image
image/gif 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.yc.level.travel/assets/25-7afb7a03822e3d9c8991321e680581cca1ece4f520ba13bbc13b598ca601feed.gif
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 7afb7a03822e3d9c8991321e680581cca1ece4f520ba13bbc13b598ca601feed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc97
date: Sun, 19 Feb 2023 11:15:16 GMT
via: 1.1 e3d7e26a5df51c85de01773b18b95a58.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
age: 19548872
x-cache: Hit from cloudfront
x-cached-since: 2023-02-17T13:29:22+00:00
content-length: 13726
last-modified: Thu, 23 Mar 2017 13:59:27 GMT
server: nginx
etag: "d8107b5e21cb76a65f61acb37f7b9ec8"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: hZI0KsNXLMZ4pwFRKMGtTkj1E3YmS09Et0F6C8p-qDQnYvDLqPCSIQ==
expires: Sun, 19 Feb 2023 15:15:16 GMT

GET
H2 200 leveltravel.css
cdn.yc.level.travel/5.0/stylesheets/widgets/statistic_widget/ 32 KB
7 KB 515ms
514ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/5.0/stylesheets/widgets/statistic_widget/leveltravel.css?v=1676805316398
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/open_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 9365987da6a5639d7fc14276583f9910dd2b229872cfa17aeea7720b8721b80f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc88
date: Sun, 19 Feb 2023 11:15:16 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P3
age: 225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 Feb 2023 12:51:28 GMT
server: nginx
etag: W/"eb635215540eea60928c7235628638f0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cache: MISS
x-amz-cf-id: TC9-zO5jPk38z6579mXkVR6In7OHIDxePXdPa7AjkjfOeLbZgdAdyw==
expires: Sun, 19 Feb 2023 15:15:16 GMT

GET
H2 200 widget_base.css
cdn.yc.level.travel/5.0/stylesheets/ 40 KB
21 KB 465ms
464ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css?v=1676805316399
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/open_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc43
date: Sun, 19 Feb 2023 11:15:16 GMT
via: 1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
age: 404
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 Feb 2023 12:51:28 GMT
server: nginx
etag: W/"2d4136f7a37e3b5715315ac93a3bcfea"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cache: MISS
x-amz-cf-id: -bMrog0zbnbq5e6dqmurJkg8RNX66mIPFPqMaUwWyUAMGS1Xz3p_Sw==
expires: Sun, 19 Feb 2023 15:15:16 GMT

GET
H2 200 tracker.js Show response
cdn.yc.level.travel/tracker/ 26 KB
11 KB 465ms
465ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/tracker/tracker.js
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/open_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 4663ef8d83e43b296729ac8ac6fc18977c3f082a91a4d7475b14b147eaeb95bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc7
date: Sun, 19 Feb 2023 11:15:16 GMT
via: 1.1 4aba10f1ef4bda5f7c1b86a07ca64264.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
age: 64
x-cache: Hit from cloudfront
x-cached-since: 2023-02-15T12:52:16+00:00
last-modified: Thu, 02 Feb 2023 16:44:41 GMT
server: nginx
etag: W/"b79ccf25d2e9302825a2cc5b60a467e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: _qkcRkXrIibWmaFwasx-DHvrqEeKr7yq49ajKMB4xl0R3ZdcsLJbhQ==
expires: Sun, 19 Feb 2023 15:15:16 GMT

GET
H2 200 departures Show response
api.level.travel/references/ 9 KB
10 KB 115ms
94ms XHR
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/departures?api_version=3&key=ef5451f89bd1658c767e43c1ef2ed8c1&js=true&ltev=0.1.4&sign=b59c427b2b45fbb2b2ab3a1b0ae8368b

Requested by

Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/open_api.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

d7fd6d08e99b5b1dc01412bab90c7ac860c6826d3cdd0300707457880815dd4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:17 GMT
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 30
x-xss-protection: 1; mode=block
x-request-id: 3b2e3d0c18c3eb42b72689a1c709a5ae
pragma: no-cache
x-runtime: 0.023944
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 00 2000 00:01:00 GMT
server: nginx/1.23.2
x-download-options: noopen
access-control-max-age: 1000
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: text/aes; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
cache-control: no-cache, post-check=0, pre-check=0, no-store
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-requested-with,x-requested-by,authorization
x-frame-options: SAMEORIGIN
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d5bb1884c84599d6210dde09b4a37a2abe9e48ea922481f5c2f6f1c3e281418

Request headers

Referer
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 countries Show response
api.level.travel/references/ 4 KB
5 KB 698ms
697ms XHR
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/countries?from_city=Moscow&api_version=3&key=ef5451f89bd1658c767e43c1ef2ed8c1&js=true&ltev=0.1.4&sign=76491a2d002c1de53f1edf796da3297f

Requested by

Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/open_api.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

8b37b52878bf5447239b52059970bb005702a1e903463e8cf8b11c1e88dbbc6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:17 GMT
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 637
x-xss-protection: 1; mode=block
x-request-id: 0b9be600adf8c87f6072a52f7a150485
pragma: no-cache
x-runtime: 0.629212
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 00 2000 00:01:00 GMT
server: nginx/1.23.2
x-download-options: noopen
access-control-max-age: 1000
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: text/aes; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
cache-control: no-cache, post-check=0, pre-check=0, no-store
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-requested-with,x-requested-by,authorization
x-frame-options: SAMEORIGIN
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 flags.png
cdn.yc.level.travel/5.0/images/ 122 KB
122 KB 998ms
998ms Image
image/png 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.yc.level.travel/5.0/images/flags.png?1675774146
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/stylesheets/widgets/statistic_widget/leveltravel.css?v=1676805316398
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e0897b7176ddb11f350484098188fa45604c020bb112cb5bb1e94502338ff6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.yc.level.travel/5.0/stylesheets/widgets/statistic_widget/leveltravel.css?v=1676805316398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc86
date: Sun, 19 Feb 2023 11:15:18 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-18T07:54:18+00:00
content-length: 124897
last-modified: Tue, 07 Feb 2023 12:51:28 GMT
server: nginx
etag: "4bce9dd33500f2b02883d32efb3cd88f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
accept-ranges: bytes
x-amz-cf-id: g2SeSDd6q1M09OjB9Y4zKLFW_KXodXy992nPDy11yNbrciXXKjZzEQ==
expires: Sun, 19 Feb 2023 15:15:18 GMT

GET
H2 200 prices Show response
api.level.travel/statistics/ 2 KB
2 KB 112ms
112ms XHR
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/statistics/prices?count=55&from_city=Moscow&from_country=RU&to_country=EG&nights=7&adults=2&start_date=19.02.2023&kids=0&stars_from=1&stars_to=5&flex_dates=false&api_version=3&key=ef5451f89bd1658c767e43c1ef2ed8c1&js=true&ltev=0.1.4&sign=636c050d61244ca88a870ce00306a221

Requested by

Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/open_api.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

0a4bf4f2e95f3b68a71a3c4680339d948b488cbc2164a1f231954fce21220b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:18 GMT
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 55
x-xss-protection: 1; mode=block
x-request-id: f7514b1005105a08a6651e4ff32368af
pragma: no-cache
x-runtime: 0.050525
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 00 2000 00:01:00 GMT
server: nginx/1.23.2
x-download-options: noopen
access-control-max-age: 1000
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: text/aes; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
cache-control: no-cache, post-check=0, pre-check=0, no-store
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-requested-with,x-requested-by,authorization
x-frame-options: SAMEORIGIN
expires: Tue, 03 Jul 2001 06:00:00 GMT

POST
H2 200 / Show response
o180558.ingest.sentry.io/api/4504219661828096/envelope/ 2 B
278 B 51ms
12ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o180558.ingest.sentry.io/api/4504219661828096/envelope/?sentry_key=45c357db8ad5469ba010883dd7cb846b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.28.1

Requested by

Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/vendors~about~client~confirm_email~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~or~b1b67422._8042bc32f22e6777b050.prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 11:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 vendors~Cigarette~HeaderAuth~client~gift_certificate~hotel_reviews_page~hotels~order~order_changing_~4d89d5f4._9a859dabe6d40a2d2114.prod.js Show response
cdn.yc.level.travel/assets/ 19 KB
8 KB 388ms
387ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~Cigarette~HeaderAuth~client~gift_certificate~hotel_reviews_page~hotels~order~order_changing_~4d89d5f4._9a859dabe6d40a2d2114.prod.js
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: eb1d7d9d94b112bf1e967e71764c990b3ac18fdc8ef7ac0afc7f96914b64a952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 28854270ecee3f8e2272bf40b3de08fa.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:23:00+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"3359d9da15479dc6231644d668f4127b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: eAJB5hpTfnePoy3OAgl0r0-u63gGNcSHjc0Tmdn_ANxHANTbQSVTLg==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 vendors~HeaderAuth._987977b19a4bc03013c9.prod.js Show response
cdn.yc.level.travel/assets/ 18 KB
7 KB 163ms
161ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~HeaderAuth._987977b19a4bc03013c9.prod.js
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 929c7d2e514eacb5130d859126928912cb0eae882794634fc31d60abf32619d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:23:00+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"87e0e96672f10e3ad367a4dc0e1a14e1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: 4nKIdE-GlvVb1_KcWbmRrciROB3kR9MYGZpGzT-gQkazYh00ragong==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 35.746b2f90c7b596a08a68.css
cdn.yc.level.travel/assets/ 739 B
711 B 157ms
156ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/35.746b2f90c7b596a08a68.css
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 6f69c838d0cd2ae7579e75bed6f26e14f0ce1ff3e4d9dc0fb6f782090c0bd37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc85
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 c5986ba12cee41e584b5d9b9a9b15446.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
age: 183377
x-cache: Hit from cloudfront
x-cached-since: 2023-02-18T13:12:33+00:00
last-modified: Tue, 31 Jan 2023 10:12:20 GMT
server: nginx
etag: W/"b55301b25aa8f4bfb8d69ef0fa8598d9"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: YVVzF08H_CmeF20e2za9Ah5FxQnEg1qy6emJz1oKxV_3kqALFndq0Q==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 HeaderAuth._db69da47b0a0d2fe7fb5.prod.js Show response
cdn.yc.level.travel/assets/ 170 KB
51 KB 270ms
270ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/HeaderAuth._db69da47b0a0d2fe7fb5.prod.js
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: b8c8cc2743ea43adc8dbe938b8800eeba4c001ba9bd483edaac941139d3ceb64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc90
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 99092867f863705e8ff048fff99f968c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:23:00+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"be563188917c4465e600c33447db4f45"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: pUQg7qhpEIiQ75_5d75RH6cP_aPNFlemzIswCMGW1F5ANbrTTMoxNw==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 vendors~Cigarette~order_changing_request._e42da723b4aba175bce5.prod.js Show response
cdn.yc.level.travel/assets/ 219 KB
69 KB 156ms
155ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~Cigarette~order_changing_request._e42da723b4aba175bce5.prod.js
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 128fb5eb23af464f38696c9ff9f065d13a0e3628254a100d1c8ec3d1f79c09de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc79
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:23:00+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"0d4da2feac6899f51be14a72b52ed448"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: E_57c1f-hcyWvaqZI8yVtIGxTwA8NJ8qF9nVh2oaVRHP7D43_3mTwg==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 63.067230b48210246c3507.css
cdn.yc.level.travel/assets/ 22 KB
4 KB 165ms
164ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/63.067230b48210246c3507.css
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e675f710b72f4b19eef4e073c6c9138c3869fc135a582e0c242be4d7f96e2a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 a64b49e5551565c12c7314b5e4419ba4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-16T09:24:16+00:00
last-modified: Thu, 16 Feb 2023 09:14:54 GMT
server: nginx
etag: W/"9f9fd1cc423e68b82f6f495c2b2d7820"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: FNeF4KtUMdr23X7lLIRbRk6oc3yAFTUUCgnda03kVbKIYvSpZ96-Bw==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 vendors~Cigarette._6563a47980397834664e.prod.js Show response
cdn.yc.level.travel/assets/ 606 KB
185 KB 177ms
176ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/vendors~Cigarette._6563a47980397834664e.prod.js
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 151872b838ed37b03ddf157ad220581adae772c278a911a74b0232e917a50fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc8
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 660625642e0df86c41275db1ce1ac922.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ARN54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-17T12:23:00+00:00
last-modified: Fri, 17 Feb 2023 12:12:18 GMT
server: nginx
etag: W/"4f74ca09fab48e2522cd121a81ba79d5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: apYmPZEeAoNsj_aUCTezUMItcJcYDfmt-U7r45_gxNzEaFLimn38qQ==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 Cigarette._4da3a4d61eed4b06501a.prod.js Show response
cdn.yc.level.travel/assets/ 212 B
407 B 146ms
145ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yc.level.travel/assets/Cigarette._4da3a4d61eed4b06501a.prod.js
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/runtime._910ac3b7fd1f704f3d85.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 65d25333b7fa6b72b95d34d74b16cf13c3802993689c4b756287c419230aa5ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc43
date: Sun, 19 Feb 2023 11:15:19 GMT
via: 1.1 e3d7e26a5df51c85de01773b18b95a58.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-cached-since: 2023-02-18T08:53:24+00:00
last-modified: Fri, 10 Feb 2023 08:48:46 GMT
server: nginx
etag: W/"32ecfeb6f9b9c7065a913d929b2f337a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
x-amz-cf-id: uDk5UYTQwbY_hHz-SWep2nFkq442CUgGyAvW-Anm2igZc5cYSOejnw==
expires: Sun, 19 Feb 2023 15:15:19 GMT

GET
H2 200 x1_LT_x_mkb_web_big.png
s3.yc.level.travel/partner_logos/partner/1085/ 5 KB
5 KB 238ms
70ms Image
image/png 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.yc.level.travel/partner_logos/partner/1085/x1_LT_x_mkb_web_big.png
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 252828a795ed462f139a74671d5b455ff287c7170393bddd8394e89a911dd58c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-id: m9-up-gc99
date: Sun, 19 Feb 2023 11:15:19 GMT
x-amz-version-id: null
via: 1.1 732d3ca1627bbec3dcfe750ff23e18bc.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
age: 3359879
x-cache: Hit from cloudfront
x-cached-since: 2023-02-07T21:26:36+00:00
content-length: 5097
last-modified: Thu, 25 Aug 2022 11:56:35 GMT
server: nginx
etag: "03184753d88a599cdc28718d35bf510a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
x-amz-cf-id: QRssjmYr8jeUKYas689TVoW1MOtRA2Tr4xe9L9jOO5YqG6BwAZ0IIg==
expires: Thu, 23 Feb 2023 11:15:19 GMT

GET
H2 200 client_city Show response
api.level.travel/references/ 302 B
1 KB 480ms
480ms XHR
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/client_city?key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=dc81b4d609c6278c49b2b25fd62e869f

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

9f502727eab324bb8a04d3fdc7477f49d926d88b283ec2d14faac18545714d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
X-Lang: ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Cur: RUB
X-Cnt: ru

Response headers

date: Sun, 19 Feb 2023 11:15:19 GMT
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 409
x-xss-protection: 1; mode=block
x-request-id: 1192571ff25c81e3e4566635644fe008
pragma: no-cache
x-runtime: 0.401840
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 00 2000 00:01:00 GMT
server: nginx/1.23.2
x-download-options: noopen
access-control-max-age: 1000
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: text/aes; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
cache-control: no-cache, post-check=0, pre-check=0, no-store
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-requested-with,x-requested-by,authorization
x-frame-options: SAMEORIGIN
expires: Tue, 03 Jul 2001 06:00:00 GMT

OPTIONS
H2 200 client_city
api.level.travel/references/ Frame 0
0 227ms
105ms Preflight
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/client_city?key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=dc81b4d609c6278c49b2b25fd62e869f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-cnt,x-cur,x-lang
Access-Control-Request-Method: GET
Origin: https://mkb.level.travel
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Requested-With, X-Cnt, X-Lang, X-Cur
access-control-allow-methods: GET, POST, PATCH, OPTIONS
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
access-control-max-age: 1000
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control: no-cache, post-check=0, pre-check=0, no-store
content-type: text/aes; charset=utf-8
date: Sun, 19 Feb 2023 11:15:19 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sat, 01 00 2000 00:01:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 45
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: cd3fba5e05cd6164d76537accbea8137
x-runtime: 0.032577
x-xss-protection: 1; mode=block

OPTIONS
H2 200 client_departures
api.level.travel/references/ Frame 0
0 92ms
92ms Preflight
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/client_departures?automatically_detect_city=true&key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=56488ebab59f3fc297c4c53fafee4d39

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-cnt,x-cur,x-lang
Access-Control-Request-Method: GET
Origin: https://mkb.level.travel
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Requested-With, X-Cnt, X-Lang, X-Cur
access-control-allow-methods: GET, POST, PATCH, OPTIONS
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
access-control-max-age: 1000
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control: no-cache, post-check=0, pre-check=0, no-store
content-type: text/aes; charset=utf-8
date: Sun, 19 Feb 2023 11:15:19 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sat, 01 00 2000 00:01:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 35
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d7c310ae3a2f429b8f8315c5539e97b1
x-runtime: 0.030176
x-xss-protection: 1; mode=block

GET
H2 200 client_departures Show response
api.level.travel/references/ 3 KB
4 KB 447ms
447ms XHR
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/client_departures?automatically_detect_city=true&key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=56488ebab59f3fc297c4c53fafee4d39

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

e0d5de4060923e3344eb5e7b0d9ab004f3cb5249395e79a11efe3f14eaa29732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
X-Lang: ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Cur: RUB
X-Cnt: ru

Response headers

date: Sun, 19 Feb 2023 11:15:19 GMT
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 390
x-xss-protection: 1; mode=block
x-request-id: df5a5f6decad2c7e7ed6feaeba481334
pragma: no-cache
x-runtime: 0.369631
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 00 2000 00:01:00 GMT
server: nginx/1.23.2
x-download-options: noopen
access-control-max-age: 1000
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: text/aes; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
cache-control: no-cache, post-check=0, pre-check=0, no-store
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-requested-with,x-requested-by,authorization
x-frame-options: SAMEORIGIN
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 places Show response
api.level.travel/references/ 4 KB
5 KB 111ms
110ms XHR
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/places?search_type=package&key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=853bb781a562b27d776377b5caae8837

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

28bc8eb014a86c7be3e37179f65e6ad121b2c67856032660ecef1a51fcb349a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
X-Lang: ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Cur: RUB
X-Cnt: ru

Response headers

date: Sun, 19 Feb 2023 11:15:19 GMT
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 54
x-xss-protection: 1; mode=block
x-request-id: e421bcd04029ffb91c7eae440dd31e8d
pragma: no-cache
x-runtime: 0.038202
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 00 2000 00:01:00 GMT
server: nginx/1.23.2
x-download-options: noopen
access-control-max-age: 1000
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: text/aes; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
cache-control: no-cache, post-check=0, pre-check=0, no-store
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-requested-with,x-requested-by,authorization
x-frame-options: SAMEORIGIN
expires: Tue, 03 Jul 2001 06:00:00 GMT

OPTIONS
H2 200 places
api.level.travel/references/ Frame 0
0 100ms
100ms Preflight
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/places?search_type=package&key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=853bb781a562b27d776377b5caae8837

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-cnt,x-cur,x-lang
Access-Control-Request-Method: GET
Origin: https://mkb.level.travel
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Requested-With, X-Cnt, X-Lang, X-Cur
access-control-allow-methods: GET, POST, PATCH, OPTIONS
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
access-control-max-age: 1000
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control: no-cache, post-check=0, pre-check=0, no-store
content-type: text/aes; charset=utf-8
date: Sun, 19 Feb 2023 11:15:19 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sat, 01 00 2000 00:01:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 44
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e07b1e898fcc4a199bfe933b0492ef30
x-runtime: 0.040194
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK flags-min.png
lt-assets.s3-eu-west-1.amazonaws.com/lt-modules-assets/seo/ 36 KB
37 KB 177ms
66ms Image
image/png 52.218.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lt-assets.s3-eu-west-1.amazonaws.com/lt-modules-assets/seo/flags-min.png
Requested by: Host: mkb.level.travel
URL: https://mkb.level.travel/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 071ab8d029f82cc5f0a03a9fbaca1cf7070070d8953af7c49438bf17b3677424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mkb.level.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 11:15:20 GMT
Last-Modified: Sun, 23 May 2021 05:38:30 GMT
Server: AmazonS3
x-amz-request-id: 81Y9XBQFPJSMM3PJ
ETag: "f9a29c119684e19c32a481dd8026b49f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 37040
x-amz-id-2: gbERfuLOpgvv0sa6XWKg3r6VD8XLzo0mwJryFzvIzCeH0nosdMYYfno3S2yHb+izqDQTWkYI+1s=

GET
H2 200 places Show response
api.level.travel/references/ 4 KB
5 KB 108ms
108ms XHR
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/places?search_type=package&from_city=&key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=853bb781a562b27d776377b5caae8837

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

2a89cbb5b24312be516ddf89a4951e88cfea7389d49c15f45bf2a5d4ed17f8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
X-Lang: ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Cur: RUB
X-Cnt: ru

Response headers

date: Sun, 19 Feb 2023 11:15:19 GMT
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 51
x-xss-protection: 1; mode=block
x-request-id: 4897f66b28a6b256b84981e7d34a98cb
pragma: no-cache
x-runtime: 0.042105
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 00 2000 00:01:00 GMT
server: nginx/1.23.2
x-download-options: noopen
access-control-max-age: 1000
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: text/aes; charset=utf-8
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
cache-control: no-cache, post-check=0, pre-check=0, no-store
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-requested-with,x-requested-by,authorization
x-frame-options: SAMEORIGIN
expires: Tue, 03 Jul 2001 06:00:00 GMT

OPTIONS
H2 200 places
api.level.travel/references/ Frame 0
0 102ms
101ms Preflight
text/aes 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.level.travel/references/places?search_type=package&from_city=&key=ef5451f89bd1658c767e43c1ef2ed8c1&api_version=3&js=true&sign=853bb781a562b27d776377b5caae8837

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-cnt,x-cur,x-lang
Access-Control-Request-Method: GET
Origin: https://mkb.level.travel
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Requested-With, X-Cnt, X-Lang, X-Cur
access-control-allow-methods: GET, POST, PATCH, OPTIONS
access-control-allow-origin: https://mkb.level.travel
access-control-expose-headers: WWW-Authenticate
access-control-max-age: 1000
access-control-request-method: GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control: no-cache, post-check=0, pre-check=0, no-store
content-type: text/aes; charset=utf-8
date: Sun, 19 Feb 2023 11:15:19 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sat, 01 00 2000 00:01:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 45
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: a73ff50cc545af1d711629f0d6d19af0
x-runtime: 0.034455
x-xss-protection: 1; mode=block

GET
H2 200 v2 Show response
an.yandex.ru/adfox/262376/getBulk/ Frame 5FA2 211 B
789 B 256ms
79ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/262376/getBulk/v2?dl=https%3A%2F%2Fmkb.level.travel%2F&date=2023-02-19T11%3A15%3A19.687%2B00%3A00&pd=19&pdh=1200&pdw=1600&pr1=1318328337&pr=3095909412&prr=&pv=11&pw=0&extid_loader=MTY3NjgwNTMxMzg0MDM3NTc3Mw%3D%3D&extid_tag_loader=mkb.level.travel&ylv=0.724193&ybv=0.724193&ytt=123696669917189&is-turbo=0&skip-token=&ad-session-id=2303271676805319690&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=724193&p1=cqjqx&p2=hhzi&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&duid=MTY3NjgwNTMxMzg0MDM3NTc3Mw%3D%3D&pcode-test-ids=657519%2C0%2C46%3B711825%2C0%2C43%3B706837%2C0%2C97%3B719186%2C0%2C10%3B719404%2C0%2C36%3B720454%2C0%2C98%3B720948%2C0%2C49%3B720934%2C0%2C56%3B716708%2C0%2C76%3B717057%2C0%2C54%3B717741%2C0%2C34%3B672078%2C0%2C33%3B720773%2C0%2C19%3B724193%2C0%2C52%3B681848%2C0%2C74&pcode-flags-map=eJytWG1v2zYQ%2FiuDPw%2BZ3l%2F6jZIom7AkaiTl1C0Kwk3dxENehtTpuhb97zuKsi3JDp1sAwokcX0Pj3fP3T3HHxMyrSjDsiSc40xmSCBZI4ZKLnPK5IJkmEpSyZSWCZ28ef9j8nV1%2B7SevJmsv%2F05%2BXWyXX%2FZkk%2Fwpx9bnu9Pfn74dbJAXDL8e4O5kIsS1TJntJQo4wN7wRrcBwjs0ImsFgBXKCnw6HD4JScVERj8S%2Bd8RoW8JGJGGyER%2BC64ybvA94PIfTX4%2F4GMikLWjGZNKvjxMa%2BDxgD5yrz0QFRe4MxLSIUsUIKLFgpAElRVmJmzE7iuF%2FZ9qfCl5HOwhn8KkKIMM1kXaDmCGjsU%2BU4c7x0iVY2mWHJB0vlSZoQr8KyNWqJSm%2BX0LXzMcCokx0UxgMZv6yF0aDsH6IYPvaxQVTfmW8Z2aHl7AJSpQC0VxVIKmZtKQTWjO3obwUIr9KLwAFYUEHpaFUtZN0lBUolq0mYAoscFFKEZzbYt3%2B7VV0kXWNICbMk7vK9ZVWkv99B2I88acmNPVVoBKITwDELsueERRfcgBYEeAKEf1wQrTRQBVN%2FVvaQjBNg1lYBLdUwgFaprs2eO5XnO4W5C1yZmnNBqYBk6nh05Q1svDDWPmop0zG4zVQ4O3T4%2BrXtmnhO5sQ6noh7nbXGNbMZ37RkpHmBcSZpwzBbjKrpffbxdDyzdwIl17HPyFjp4JWeYTGdCVsJ8pOe7sabSElUZfitZIzNaIlIZO7wVOm6wPy9hdA7OwllyykhmtLRDPwpOHqgqXjCSGM0d2wp0Vb7DlSPzBprDJcmgP5MSmofR1rO9bqq0tjs%2BJZSppDKUkYb%2F8kKEJVJ%2Ba4ehni%2FR0jgafCiNLs5ZriqS17QCYghSYugpA1PHsqyhrWe5%2Bs51SjNVAGBaGeeF7%2FkA01FJtU2GFXd350nVLY3mwHrn2JzkqkNdqiICdv4bhJ0DC1Q0g2y51mnrAiNWyVIJkwViBI3uPShW37esLso1I5QRsZTJEjoOvqwpMwcsCIOu9na86PpLyo0zzIc5EfUYSbhMEWOgGlCaQpa4oUv4sevb9sC2ZTHfy5ka5g6ppmYQz%2B86d9sZgcpiWWPpmr2GeeT30lOyFOLESUIKiJr5uDgMnrVUsyKFiTY%2Fc%2FoOo2wKQbTokNBgcwIDn6hL5Cg1V3McOWHY86MD0eMFhjOQTSmQBNSVqhjBaFGckSOW47madVOGEsf8XaCodfhuO3r7Br7tWKbvn6h823%2FGYkeOGW7HD4w%2BzEGsG%2F2zfSfQ1kr3MJxDz5mBNJuS1GwXuV2DbXUOK1UFMVzt5l7NcGJu8QH0aMcelBLMQAa8hrGdzjDkQ7VtnjI14Tg3dqLAjm3PG4DNiGg96YFAPOaCmoHc0HEGCjqtS1mCikASQJAgi3ZOmzFid7iXpHX6nzFGgijDOYKieOV%2B4PlWEAzCxEvEhATl12AFfi7OfhAEh51NzBgIwJFnGNoaUwVOKmjfBCRKccar0A67gkqViqdVRySUqzZFchCqWK8LZkaFURzEezWVMwIwIJ61vRJWtflyQ%2FtkflStRxZB7Ha061m8dhEOwtizwj0KjLJMIRgFbxBEXmCPT9YkM5%2FlOJaOda8wlBx7UXVEgWe7u7IHVQOSHa4KpJGuY2mZ1bZ1rZiOl8QjvDByj28hpuY7QJqig9Wha3NZw0SA4QjbxAKX47E6%2BfxFbh%2Berm5GC5wVOeM1VXfOE3nslvwzyYmdoCteXV6wT9ZSsHbGnJt6QQwLUrdiDY%2FOC6p3P%2B3oGZCoK6nnQFqmDsOz%2BSbvVt%2FkzXpzfbN9Bq7do%2BQcJyiRIOqNS5kF6mFQ17o1XM6Acj32VXS3LTcws9olHiQVhi5pLPfQtrxOnDAm9fgSDahA3TbaQLcdqpnOzi7Knq77Ar1btp1Gthq6b%2FZj8nm9vbopV4%2FXm%2FtuCt89fNzcrvnV6nZzfz154%2FwcoPogPXok0D0WJLVMCsUEten2D3g%2FuVttbi8en8C3v1f3n9bf4PffNner6%2FWXwUfXq7v2k0%2Ff1%2Ff666uvm%2B2D%2FvXuovfHp%2FtN96lC3iPAB4%2Br77cP32%2B6%2F%2F7%2BqH8%2BPa4u7td%2FfTn6wh%2Brh7tNa%2Frh9BX75XtIrTl9wY7nA2PFT3Qm8WCp638G5B5uZoe3A1CaRUIRG2CNZCp0Q9%2F2x%2B0QNSAM04KOnjJono92frc3C9uRQxgX3bzp3ml2A3%2BAlKOCjykYOXsug3haKBWkVf1OVhWkAj4jUijlS2HNGb3VdH1wWIFB1D229Pu1Gton1eHHp%2B324X70sGJ3i7iYUrWzULhooV5%2BmBIfGUkRQBq3WvXk072R7XMiIQRFK7pbDY7qVhRZnh0ZkRwLtpij%2B6SUKw0PvbnIEugxBJv9cSzYa16CIhNRndwnM6wSwV%2BBukQSusAcG5WQwnCfv98e47V%2BuUNpnPMTY%2BhqezsqstDS1%2BFw4E5utk%2BvVVMmo8F%2BZB1a%2FjHx2rW1e37sNm8zccLQs00o6glL7eyjFzrrIjoNM9gBu4dkIOBrN0CIaRg9Czh67jbFqYekRJR%2BxZMCl%2BCRwMYIg2HoHp57xq9%2F6o0ydkf9Sn3y88PPfwAlIZIt&use-server-side-rendering=1&pcode-icookie=fJgbwzsJs91HlB4XuLEvLtoDm91ILvs3cw%2F%2F804Egnaq97o9Lh1PXRaWXmOdWluTjoEtKhLBInSPS5mtQ6EiPu%2BSK9g%3D&top-ancestor=https%3A%2F%2Fmkb.level.travel&top-ancestor-undetermined=0&grab-orig-len=2944&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo3OH0KEqWkjCQ56oEQUCcerAT_7B-6W5inmR0r5tiOwzGnktmBPn8bdXv7_ef_6zbIoB3b4lhS7EjQMVqWWSwWtK2laTlPm7aAng5whTHRv_3b365v04btwLfbiTAmwgcJxOjjL0SxyFaOliouH3z78PcEaeL7iCbRxJ-kAyyY0PeE7SOexJNkBj7CSeDDO15QJ3sSTKLd7gmw7wmuZ89gT1jfhP-swQAjHZ3BJN4-Qh9B592DgfCZoU8CIMuFoSCXyYWrFMvkYRHmS4Yeucp1PW-5rmcqTcWcLcnLKAKCnpe3AnKpXiYXF2Qup6AsskpY8J5L9zx2xohM1EZhGi9LtqNhxa20zLIHL8WUKZfV2RltbdurX9ykzMRLvPXWNFa8uEySFVsxSkVtIShFy4otiVNB-syJbAL_t8PwEUxo3kn_Gt7AevwJa0-8fxLhJPZBf0BED5K0X_WPgSbXJYP-w3_C7wTj3rqe_fh45bB8QD9IvH8iuC_w7ovB4MBzoudE_Fzszz-g2z_-hDnxGdfv8nnbn-yRdj_N_IdKkmbhysJWKvJu8wDyf255weR2K1GOSvBWxoe4DJcojTlV5YJEXgpWG0namjIXSlWteosgRokUKaVeNkH8dPE-N9BHXv87wSGoPUvdEYmJxP2hLmYGAzOJoBqRhyvQHnsBc1gAFUkGxYf_5JLQka47HLVz0cfeKmOJ0AvhqqPawl9v3eDG7c4Wb_NyW3cethcJraQQlfEKw9XeZp_bjUPG1Ur5YZhmbgnqgVpVqMtoIYvTJEIacvKBINpco-YVbbPd7sEshoifScIizcq8czi7_l1wAYtKiGJL-UkKIST7mUUR4MGHBNwtokjALrJ_EbgLUx-eXNdTd-IyemUKwkX8B0Dg-AnpOIGKkyyqUuoSjHzxIJR0GniNRhpStvVGjQQcESq9DDkqcFycsCPimDplGgscWE4H0Ilh4hWFRVYeArdJISH_VVdJXkqWMM2H14mitlavXMvltk6OR27Y79ZIJnvfvB5hvch4f_buEH53dJBaz8tqTLjmRpXy4yIKI2QjxU-IPEwT91wUpXTlI4qLKCJTUDyeijJyZOTg62Xa_R4Gxvmod_mEPjwfvsHE6e5Myjjkxwt7h8L5vM8tkHyib6EJ_1mE509outdySlSR5ZCUXBGloGQNye1lYKidDP0yZPEbtpjDXIrXptkUfCQZqmxToIYg4aLcRRxmKQS7T4kV43ypoAiZRbVGHVNolU-ypMyRQAQ4z9afoQucS-pI1seE0_XmVjMlW3FecvRWRb1JJo_WCCU7xR79jK6xIFttkVGm5jytNE8l5Dt_HxI9Ib-2OGpdzd2qvniCt_AdFacN-2QGr6WKy6x1kdFKTabvNGXJL76fLXodVna27rTr1-YV-1TrYdhIu42B8YA_MmDOyfqAlOtG-attEwZT6f4dbVyT-RCTxEVyx-i_iOi9-5ucSQikEoieVjwI3T5Y7_xIP-LZH2agdc4JoNNw2wlyV5p9BPuy3T2NWqPYaBr11n0q78LQehmaDhwrD9cq04MB-oGE-FVR4gkd_c89XwSL8eW63rW2wcCX3ZvZ9qMBeOhAsbs1pqMG6dSFR2yMuPkzh_M6MILPO_AB5ThZpdoqNBj4Mu6RSzrsH-EICQx4GOAfPcG3fPKOh5XqrWyUGPmw1vRhuI-O7k_DHjBa7Gt3BuwHrVJNjQ5bvqsvwesMGBwQbK-R4OFhoPrFeAdfAvzh_qcZHOyF895fsoYaCl8yyZDvQ9E2tlFsZd1A-YYE7qkjj7yIMODjzxu4BxF4PpHE8a9Cs5u3qLgejNOpXeESpuGrXoVk0axzRfys5ZVk34Qxete5AfaE9vC_D09H0iWWA4bXFXpiG_M9HOiwBWCeJrUPpmtrtVutpXMdvYUVPW6L4hs05j12y3496mYrtGrzFhB-msB6jZ89Gq15I-Pkr0Gp2WpVbd5gU3MuKq-aWrE1GiWmr3igdAEw7SNmonnVGLHeAeN2Ez7xl114dXH6WHRiJSIaDP_DNMZDwtOV_61UqLZCocLxLno6BOMxvTVnNWQU24HeJqVYXGQiqw7Ttxz0Vw7fx9g_WKuDC7pDQT5hy0mdLjTBvCc_NLtXZQYjc49WlI5Hj04AewXvAolca3Q0ku5zh_8BGENPJPZsPf5jLEuw4pQ3e7w423v38YxBOkezTDmJmDLlyL10guLKoIcLcIino5UvSSiTp2PrMqahP73T4_uEvFbzdJLzQCtc3F9O1x4Z8xuJe6vU2APDFgv_5b8WsP71CnUW1CpxopZpCXGktK4xjU61ATpxFDE6CWaKi_lZGHOqrBR8vDgcCI0JmVPstM5Ypdhpg7FK8TDLWERch_HFJrWCNF5VES4BK1gBMeDJYHb_jOh9NeLu6rGDU33pcIbbButpJPIcavfZttliYwhdF9Ttbs4GBETiDinTXkJraiwo2WEZtlFenMDNfXy4KVPCrWliOvFKuqKwGpoji0rXhbBfn-6XM0py6KBDe8JM7VY0jdW_LIjeXfei3lpc-waUeptzjMKTgYgrwVsT4ecGELs2pG1eXZ0w0dIioJDJS9OTBvGt-CRE2obxupK2wtpYodZYocZYodpYocpYIbWxQqWxQgVdodm8nbE-aK-8NbqaXxdRnkpgtkmak22MjbwxNvLG2MgbYyNvjI28MTbyxtjIG4WxQjQGC2tjTrs2Nuja2KBrY4OujQ26Njbo2tiga2ODro0NujY2aMhGGGhohGktNDZojbFBa2pMM25wB3AxiXHWNSEbNsiGDbJhw4JhoxlIw5gPwBJo0wk3txTolVmZc97ZRzbRXFJwVx7pzWSn_KwgW3FU5lWSJvxEj_1u3QGP54CJfMCOAcA%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0c28e29bd3070aaec2a31cc196fa537b404848152def53b8469b63a9c6353c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:15:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Feb 2023 11:15:19 GMT
x-yandex-req-id: 1676805319919435-306918636107654678400109-production-app-host-vla-pcode-219
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://mkb.level.travel
content-type: application/json
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 19 Feb 2023 11:15:19 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/18706828/ 43 B
146 B 54ms
54ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/18706828/1?page-url=https%3A%2F%2Fmkb.level.travel%2F&charset=utf-8&hittoken=1676805313_cb6b773fb210fcd164c23cbee11e6f5e56e137b4389f596348875911a26cd6c4&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A699289518221%3Ahid%3A446119328%3Az%3A0%3Ai%3A20230219111519%3Aet%3A1676805320%3Ac%3A1%3Arn%3A761721550%3Arqn%3A2%3Au%3A1676805313840375773%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C0%2C8331%2C8331%2C%2C7633%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1676805311349%3Aadb%3A2%3Ast%3A1676805320&t=gdpr(14)clc(0-0-0)rqnt(2)lt(36200)aw(1)ti(2)

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:15:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 19-Feb-2023 11:15:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://mkb.level.travel
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 19-Feb-2023 11:15:19 GMT

POST
H2 200 track Show response
conversion.cx/ 47 B
329 B 210ms
63ms Fetch
application/json 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://conversion.cx/track
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/vendors~about~client~confirm_email~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~or~b1b67422._8042bc32f22e6777b050.prod.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 966b324e61a838a085db52d91594067d20f94e505b30fd33c27a9d478488e854

Request headers

Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 11:15:19 GMT
content-encoding: gzip
server: nginx/1.23.2
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://mkb.level.travel
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: Set-Cookie, *

GET
H2 200 show_callback Show response
mkb.level.travel/ 23 B
437 B 130ms
130ms XHR
application/json 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://mkb.level.travel/show_callback

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx/1.23.2 /

Resource Hash

52ff57882ad2e0d15a2929f18a0bf94395576a4184f1df49e80d77e792e79d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://mkb.level.travel/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-runtime: 0.068554
date: Sun, 19 Feb 2023 11:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.2
x-permitted-cross-domain-policies: none
etag: W/"52ff57882ad2e0d15a2929f18a0bf943"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 73
x-xss-protection: 1; mode=block
x-request-id: e9fa065c-7b8d-4091-8332-3615453bdeea

POST
H2 200 track Show response
conversion.cx/ 47 B
330 B 194ms
61ms Fetch
application/json 178.154.205.88
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://conversion.cx/track
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/assets/vendors~about~client~confirm_email~faq~gift_certificate~header_app~home~hotel_reviews_page~hotels~or~b1b67422._8042bc32f22e6777b050.prod.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.154.205.88 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 966b324e61a838a085db52d91594067d20f94e505b30fd33c27a9d478488e854

Request headers

Referer: https://mkb.level.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 11:15:19 GMT
content-encoding: gzip
server: nginx/1.23.2
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://mkb.level.travel
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Set-Cookie, *

GET
H2 200 b887192c4a62fd372984.js Show response
yastatic.net/partner-code-bundles/724193/ 9 KB
4 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/724193/b887192c4a62fd372984.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

30934347b743a0d2247972669e2f2c9fd4cd22b0d2601f550f2617a45d5d79ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://mkb.level.travel/
Origin: https://mkb.level.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:15:19 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3550
last-modified: Thu, 16 Feb 2023 15:45:51 GMT
server: nginx/1.17.9
etag: "afbe65f78c5d184534776e9565367b75"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Feb 2053 17:50:15 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mkb.level.travel/	1969-12-31 23:59:59	Name: cversion Value: 40
.level.travel/	1970-01-20 19:22:45	Name: uuid Value: d9086e49-2a02-4cda-99f8-bcaff990e039
.level.travel/	1969-12-31 23:59:59	Name: mobile_wl Value: no
mkb.level.travel/	1969-12-31 23:59:59	Name: cnt Value: ru
mkb.level.travel/	1969-12-31 23:59:59	Name: lang Value: ru
mkb.level.travel/	1969-12-31 23:59:59	Name: cur Value: RUB
.level.travel/	1969-12-31 23:59:59	Name: _leveltravel_session Value: 4f944c336cd89d4a440b9d43979cf5db
.mkb.level.travel/	1970-01-20 19:22:45	Name: __utma Value: 224965766.1687838476.1676805312.1676805312.1676805312.1
.mkb.level.travel/	1969-12-31 23:59:59	Name: __utmc Value: 224965766
.mkb.level.travel/	1970-01-20 14:09:33	Name: __utmz Value: 224965766.1676805312.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.mkb.level.travel/	1970-01-20 09:46:45	Name: __utmt_UA-27369706-1 Value: 1
.mkb.level.travel/	1970-01-20 09:46:47	Name: __utmb Value: 224965766.1.10.1676805312
.level.travel/	1970-01-20 19:22:45	Name: _ga Value: GA1.2.1687838476.1676805312
.level.travel/	1970-01-20 09:48:11	Name: _gid Value: GA1.2.39970895.1676805313
.level.travel/	1970-01-20 09:46:45	Name: _dc_gtm_UA-27369706-7 Value: 1
.flocktory.com/	1970-01-20 19:22:45	Name: __flocktory-web_session2 Value: bdc24c89-8faa-45fc-9590ddf3aa794110
mkb.level.travel/	1970-01-20 17:46:16	Name: flocktory-uuid Value: 210cf21f-56f5-4697-9b58-df0a69f1dee0-4
api.mindbox.ru/	1970-01-20 19:22:45	Name: deviceUUID Value: 2ba1226b-9a35-400a-8f68-c01d629203d6
.level.travel/	1970-01-20 19:22:45	Name: mindboxDeviceUUID Value: 2ba1226b-9a35-400a-8f68-c01d629203d6
.level.travel/	1970-01-20 19:22:45	Name: directCrm-session Value: %7B%22deviceGuid%22%3A%222ba1226b-9a35-400a-8f68-c01d629203d6%22%7D
.level.travel/	1970-01-20 18:32:21	Name: _ym_uid Value: 1676805313840375773
.level.travel/	1970-01-20 18:32:21	Name: _ym_d Value: 1676805313
.mc.yandex.com/	1970-01-20 09:46:45	Name: sync_cookie_csrf Value: 3639582558fake
.level.travel/	1970-01-20 09:47:57	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 09:46:45	Name: sync_cookie_csrf Value: 3645847911fake
.weborama.fr/	1970-01-20 19:12:40	Name: AFFICHE_W Value: Klz9I-pe-M4q56
.rutarget.ru/	1970-01-20 14:05:57	Name: userId Value: -DnfoWdXqNLL
.rutarget.ru/	1970-01-20 10:06:54	Name: sync_71c015090a068e09460994346a52bdbb Value: -DnfoWdXqNLL\|1676805313278
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1140780721676805313
.yandex.com/	1970-01-20 19:22:45	Name: i Value: 3q8xF06vQZAlXcdqdNiHhMkh8HIICC8NhZkAjIRskl9My0ZXThKXpn8cd9Kq/dC2HyK5tb8xmPakyMHRix5hghyl1sc=
.yandex.com/	1970-01-20 18:32:21	Name: yandexuid Value: 6858302481676805313
.yandex.com/	1970-01-20 18:32:21	Name: yuidss Value: 6858302481676805313
.yandex.com/	1970-01-20 18:32:21	Name: ymex Value: 1708341313.yc.1676805313#1708341313.yrts.1676805313#1708341313.yrtsi.1676805313
.mail.ru/	1970-01-20 18:33:47	Name: VID Value: 30bSgZ1BhA2F0025Yb1EmKYF:::0-0-0-90c5d81:CAASEOxi8dn6j1DNCj8_Olv_g9AaYHkt8_UBcmcnnqDI1_G2r-lEpQv0w75ZaCLrYw2pJ0LuE3NBNqk0SzwspNwctLlpiuoQoInLYH0RSoxvaDaw5R5QbIFWtIGKh_45UWeqZVPdfvi1bOKcZLFeWt0i6jlZlw
mkb.level.travel/	1970-01-20 19:22:45	Name: firstinteraction Value: Y2023%20Q1%20M2%20WK8%20D19%20H14%20M15%20S11%20WD0
.yandex.ru/	1970-01-20 19:22:45	Name: yandexuid Value: 6794025461676805319

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://google-analytics.bi.owox.com/UA-27369706-7?v=1&_v=j99&a=332545083&t=pageview&_s=1&dl=https%3A%2F%2Fmkb.level.travel%2F&ul=en-us&de=UTF-8&dt=Level.Travel%20%D1%85%20%D0%9C%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%91%D0%B0%D0%BD%D0%BA%20-%20%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B8%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D0%BE%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&xid=gUwg0vEXS8y1Gepk1in1lA&xvar=1&_utma=224965766.1687838476.1676805312.1676805312.1676805312.1&_utmz=224965766.1676805312.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1676805312558&_u=aSBCiEABRAAAAAAEK~&jid=240606478&gjid=11091736&cid=1687838476.1676805312&tid=UA-27369706-7&_gid=39970895.1676805313&gtm=45He32f0n71P6VN73&cd3=none&cd5=1687838476.1676805312_1676805312558&cd4=1687838476.1676805312&cd6=none&z=1026783873 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
an.yandex.ru
api.flocktory.com
api.level.travel
api.mindbox.ru
cdn.yc.level.travel
conversion.cx
google-analytics.bi.owox.com
lt-assets.s3-eu-west-1.amazonaws.com
mc.yandex.com
mc.yandex.ru
mkb.level.travel
o180558.ingest.sentry.io
s3.yc.level.travel
ssl.google-analytics.com
stats.g.doubleclick.net
tag.rutarget.ru
top-fwz1.mail.ru
wf.frontend.weborama.fr
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
yandex.ru
yastatic.net
178.154.205.88
188.72.109.103
2a00:1148:db00::17
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c0b::9c
2a00:1450:400d:808::2008
2a00:1450:400d:80e::2008
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a13:1ec0:1000::1073
34.117.176.229
34.120.195.249
35.186.228.179
52.17.120.67
52.218.121.66
84.252.130.113
95.163.52.67
00a34b6d9b188b60177248efe34734eb3889ad8a54a2fe4a1706c631d3f5ee0b
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
043cefda94117c97515858fff9cd8ab21690431bb45c4a66e7b081e766ad8f54
071ab8d029f82cc5f0a03a9fbaca1cf7070070d8953af7c49438bf17b3677424
0891e821245dbc4c12acbae740c2ec4792b8a8d4ffbc3fba9570dee51501486c
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0a4bf4f2e95f3b68a71a3c4680339d948b488cbc2164a1f231954fce21220b5f
0c28e29bd3070aaec2a31cc196fa537b404848152def53b8469b63a9c6353c21
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
128fb5eb23af464f38696c9ff9f065d13a0e3628254a100d1c8ec3d1f79c09de
151872b838ed37b03ddf157ad220581adae772c278a911a74b0232e917a50fa5
221c04df196a8f87a4b9b2ca9acb18e3c512510c5745e7b56a52d1019ad3064b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
252828a795ed462f139a74671d5b455ff287c7170393bddd8394e89a911dd58c
28bc8eb014a86c7be3e37179f65e6ad121b2c67856032660ecef1a51fcb349a3
2a89cbb5b24312be516ddf89a4951e88cfea7389d49c15f45bf2a5d4ed17f8e0
2b5d42a173daf57cdd8f1be562ea25b4ebb42753a2d755dc5f0d70ea04249487
2cf1611b158aeef1c393e22b03262b4ec857aae9a4b037b1b003611842208b85
30934347b743a0d2247972669e2f2c9fd4cd22b0d2601f550f2617a45d5d79ef
30c0a81bb7b8f7295d8369bfd50edf23edcf96735048714a8e57138c45aa45f8
32e11ea44f4e016aeac986c0c12e7b23591c3920973d6712c0c20c94510e4979
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3d5bb1884c84599d6210dde09b4a37a2abe9e48ea922481f5c2f6f1c3e281418
3d967c577738715c8018063868b249f9548ab7bc8621dab56522acbc1a77edff
3f05b0e5451aae16a1a8ffe0ad14b522475d45eec5d69dbcdf8142a2858b4d54
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4519a36d095c6dfc4bae166c286d646705640c4fde4a751ab604eb3f24599286
4663ef8d83e43b296729ac8ac6fc18977c3f082a91a4d7475b14b147eaeb95bc
52ff57882ad2e0d15a2929f18a0bf94395576a4184f1df49e80d77e792e79d29
5384a770bd7a904a9d83df30726d08b7ef77b7486ddaafaafd652d957ef682d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57911eb2d491143e1ffcc35ce768e588b14e6eca21844b96f1f3d015985e61d2
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5984ae19b88a1704b132a34f647985d4062f492faec97c645d5c4ea66a240145
59a3b44a649f9c614746281ecffa320a0373ec1b97eb588e20d6b5744f5cbe01
5b20a9c3edcca52de72bed13f0005092bab954ab594dddb022de097a228593c6
5ff8e17ec3f755a7844908ba233a30eee9e82ccca0d543f72adf688c4d660643
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6188448749f38159f7cbdcd476a9ac250716b3de489d320f9ce0bf8493cfef91
65d25333b7fa6b72b95d34d74b16cf13c3802993689c4b756287c419230aa5ff
6bba741c50ad1356cad804f44ef95d9dadd883fe7a9e9bffa95cc0a67c51fbfa
6e3147a1afe472902a2191e21db89a01b78710d634f8aa691044d33af67761c0
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
6f69c838d0cd2ae7579e75bed6f26e14f0ce1ff3e4d9dc0fb6f782090c0bd37c
74c4d53543308577c8d4ff8bcdaa4929f1b20174f8434abc6b9d2d6135245c88
76deaffe901c37bbc52a16686f01068ea3698272e3e9b8731743f39b02e631c5
7a42c7ef169a03d3c3db6f4371b67fc0e4ed9bb238a9009bcc3472d00e6e6e05
7afb7a03822e3d9c8991321e680581cca1ece4f520ba13bbc13b598ca601feed
7d01f3eee46cd583abc3f0b0b30ec7e8b29029563be741cb7e8231720433a8b3
7d5d9614f2ec7f119a6b3dbff0a7b9099ab8f2e179eb87cdc518c5c2e831cabf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
883aa99a1a0e874e1ede1eca7a5db6c04ff9b11d793c9295f6031f1cea91f1eb
893b65220aa42e31dad92a0db810f67f090a1fecacf8cd1e7b573aaddb6cacd4
8a4df19b0bf3a3bd51dae4e0750181c7b35046cb1c3d32d8ca80b926cbb8fc1d
8b37b52878bf5447239b52059970bb005702a1e903463e8cf8b11c1e88dbbc6c
8f7ea8576ab051ca7f8e4dfd20abcd7ada3994ace4a7b4eb1fbd6f56d7557041
90e6c55ba14e7ee634603e185b74abab10eea3279519a373a2c64e187950dcc9
929c7d2e514eacb5130d859126928912cb0eae882794634fc31d60abf32619d5
92a38f46aeb188dfcb4bd32edd7a74b4e698c5a18934684a3665c0acffdfd90d
9365987da6a5639d7fc14276583f9910dd2b229872cfa17aeea7720b8721b80f
966b324e61a838a085db52d91594067d20f94e505b30fd33c27a9d478488e854
96aea82cf4b88974a3aba08a2f7076254867d8691882d4ae1b4a278f3e9ff717
9ad6dda2045d852a9cbc1be3790511cb31d9e9e0c8d51bd4f56439345ee2b335
9f502727eab324bb8a04d3fdc7477f49d926d88b283ec2d14faac18545714d09
a829f0bfc7b7f14d0c5b4c0e8ba24e9e694ba071783271230de6ae7357956cac
aa1f145001d24d5637a5009672ea8ba9900d69b0e9d914229cbcb8c79460308c
adb951d47a01feb07cbcda6c9fa6d2d64ded5e85c00d25407aa7ff26a6dbbaec
b8c8cc2743ea43adc8dbe938b8800eeba4c001ba9bd483edaac941139d3ceb64
bc430539591468bf57af8595dfbbdda52aaf207186f9e9cd88a00768466be38e
bd3c25473f8f9055d553a479d27d8f4e9b189b0139dee0db3652b730b3e54c65
c0e257515bce60ae11d51ae5c16cb07d6fccd866fb96e28fefb5894e3f0ce1d6
c14049ed9ea27318bc5784b140a91c8ba59bbee385ab34ed27d2406358b060e8
c617fbc50e70b12d23139a3729c3edbf5c7b10a6373764fd1339bb4c009b3b1f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd406d92383c115e6275d817e219d3d891b1c2dcd6ed8484d013cd35982bdc64
cdf2708e75cf50e9a997d8193138a9693643401aaf4f0d03b79da90f14e461a5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d78e9fe6ff5155c0a981e5216f354d7475b9e5977d65dadac07b6ae77472bf9d
d7fd6d08e99b5b1dc01412bab90c7ac860c6826d3cdd0300707457880815dd4e
d9891ba809608e1fc1f97bce33cdd24422cd6a3aca8286f71d32ac516a72ed14
dde19c00156fa9aaf2943c7e85e6f09640a2d546ecacc60435bdb630e4d56837
e0897b7176ddb11f350484098188fa45604c020bb112cb5bb1e94502338ff6d8
e0d5de4060923e3344eb5e7b0d9ab004f3cb5249395e79a11efe3f14eaa29732
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e675f710b72f4b19eef4e073c6c9138c3869fc135a582e0c242be4d7f96e2a2d
e6a6ebb1db649d83a213df6daacf0accd2a529d938003754765344b7386c6cad
e6abdfd0d571c6e988e55de003348bf09570be6bb9063bdd949ca4661cf74b70
eb1d7d9d94b112bf1e967e71764c990b3ac18fdc8ef7ac0afc7f96914b64a952
ede48821d435896eefb67ca8bee8ce07e8853384fe0fa3a905b24459f805eca8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe62cf122a23e6b2c0096ccdbdc76f62b6287da1e9f49daf73d4a1578a07762
effc08e377417759ae108cd32fcd1351d7a21018d2619b61f0c36a3189c3ee6f
f431b4387f334072e66aa90f429c13d30559ce0b035845258cccdc9f1ac1f12a
fa83df65c1d49b28fe45cbb89379d9bf9ecc9a99457b7ddba7f4ff6b66c0371e
fc36c4479e7fc1e376a57235910b110db6a3247a02b400c0e6dd6a4909453205
fc9bd73a42e44d620b7c1e1f7357d7138bd3e215e47f7a3efb8b025b48d1365d
ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30

mkb.level.travel Open in urlscan Pro 178.154.205.88 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

96 %HTTPS

57 %IPv6

18 Domains

25 Subdomains

21 IPs

7 Countries

4411 kBTransfer

12066 kBSize

36 Cookies

3 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mkb.level.travel Open in urlscan Pro
178.154.205.88 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

96 %
HTTPS

57 %
IPv6

18
Domains

25
Subdomains

21
IPs

7
Countries

4411 kB
Transfer

12066 kB
Size

36
Cookies

113 HTTP transactions
2 data transactions