promo.level.travel
185.215.4.24 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://mkb.level.travel/ 6yr old
Effective URL:
https://promo.level.travel/wlalert 7yr old
Submission: On May 07 via api (May 7th 2026, 7:45:07 pm UTC) from RU — Scanned from CA

Summary HTTP 57 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 57 HTTP transactions. The main IP is 185.215.4.24, located in Moscow, Russian Federation and belongs to DDOS-GUARD DDOS-GUARD LTD, RU. The main domain is promo.level.travel. 7yr old
TLS certificate: Issued by R12 on March 23rd 2026. Valid for: 3mo.

This is the only time promo.level.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.250.120.164 51.250.120.164	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
1	185.215.4.24 185.215.4.24	57724 (DDOS-GUAR...) (DDOS-GUARD DDOS-GUARD LTD)
1	194.48.203.181 194.48.203.181	205282 (ie-tildap...) (ie-tildapublishing-1 TILDA PLATFORM CLOUD SERVICES CO. L.L.C)
33	5.101.37.37 5.101.37.37	201589 (EdgeAmLLC...) (EdgeAmLLC "EDGEAM" LLC)
1	178.248.236.28 178.248.236.28	51115 (HLL-AS HL...) (HLL-AS HLL LLC)
1	142.251.16.97 142.251.16.97	15169 (GOOGLE) (GOOGLE - Google LLC)
4	158.160.126.5 158.160.126.5	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
3	84.252.130.113 84.252.130.113	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
1 1	84.201.180.164 84.201.180.164	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
1 5	188.72.103.3 188.72.103.3	215013 (YACLOUDCD...) (YACLOUDCDN Yandex.Cloud LLC)
6 12	77.88.21.119 77.88.21.119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	158.160.187.127 158.160.187.127	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
1	185.129.100.115 185.129.100.115	57724 (DDOS-GUAR...) (DDOS-GUARD DDOS-GUARD LTD)
1	158.160.114.16 158.160.114.16	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
57	12

1 51.250.120.164 (Russian Federation) 1 redirects

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

mkb.level.travel 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.215.4.24 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU)

promo.level.travel 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 194.48.203.181 (United Arab Emirates)

ASN205282 (ie-tildapublishing-1 TILDA PLATFORM CLOUD SERVICES CO. L.L.C, AE)

neo.tildacdn.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

33 5.101.37.37 (Yerevan, Armenia)

ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM)

static.tildacdn.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 178.248.236.28 (Russian Federation)

ASN51115 (HLL-AS HLL LLC, RU)

ws.tildacdn.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.16.97 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bl-in-f97.1e100.net

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 158.160.126.5 (Moscow, Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

api.flocktory.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 84.252.130.113 (Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

api.mindbox.ru 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 84.201.180.164 (Russian Federation) 1 redirects

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

cdn.yc.level.travel 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 188.72.103.3 (Dubai, United Arab Emirates) 1 redirects

ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU)

jsapi.cdn.level.travel 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
web-static.mindbox.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 77.88.21.119 (Russian Federation) 6 redirects

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru

mc.yandex.ru 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
mc.yandex.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 158.160.187.127 (Moscow, Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

web-static-no-content.g.mindbox.ru 7mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.129.100.115 (Russian Federation)

ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU)
PTR: ddos-guard.net

stat.tildaapi.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 158.160.114.16 (Moscow, Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

conversion.lvtv.me 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
35	tildacdn.com neo.tildacdn.com — Cisco Umbrella Rank: 55013 4yr old static.tildacdn.com — Cisco Umbrella Rank: 60011 10yr old ws.tildacdn.com — Cisco Umbrella Rank: 62302 5yr old	227 KB
8	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 10093 12yr old	18 KB
8	mindbox.ru 1 redirects api.mindbox.ru — Cisco Umbrella Rank: 42524 9yr old web-static.mindbox.ru — Cisco Umbrella Rank: 67945 2yr old web-static-no-content.g.mindbox.ru — Cisco Umbrella Rank: 193602 7mo old	39 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3404 13yr old	87 KB
4	flocktory.com api.flocktory.com — Cisco Umbrella Rank: 111239 9yr old	86 KB
4	level.travel 2 redirects mkb.level.travel 6yr old promo.level.travel 7yr old cdn.yc.level.travel 4yr old jsapi.cdn.level.travel 2yr old	25 KB
1	lvtv.me conversion.lvtv.me 3yr old	344 B
1	tildaapi.com stat.tildaapi.com — Cisco Umbrella Rank: 91868 1yr old	414 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42 13yr old	155 KB
57	9

	Domain	Requested by
33	static.tildacdn.com	promo.level.travel static.tildacdn.com
8	mc.yandex.com	4 redirects mc.yandex.ru
4	web-static.mindbox.ru	1 redirects api.mindbox.ru promo.level.travel
4	mc.yandex.ru	2 redirects promo.level.travel
4	api.flocktory.com	www.googletagmanager.com api.flocktory.com
3	api.mindbox.ru	www.googletagmanager.com api.mindbox.ru
1
1	conversion.lvtv.me	cdn.yc.level.travel
1	stat.tildaapi.com	static.tildacdn.com
1	web-static-no-content.g.mindbox.ru
1	jsapi.cdn.level.travel
1	cdn.yc.level.travel	1 redirects
1	www.googletagmanager.com	promo.level.travel
1	ws.tildacdn.com	promo.level.travel
1	neo.tildacdn.com	promo.level.travel
1	promo.level.travel
1	mkb.level.travel	1 redirects
57	17

This site contains links to these domains. Also see Links.

Domain
level.travel
customer.level.travel
apps.apple.com
play.google.com
appgallery.huawei.com
apps.rustore.ru
help.level.travel
vk.com
t.me
www.youtube.com

Subject Issuer	Validity	Valid
press.level.travel R12	`2026-03-23` - `2026-06-21`	3mo	crt.sh
*.tildacdn.com GlobeSSL DV CA	`2026-02-03` - `2027-02-20`	1yr	crt.sh
*.google-analytics.com WR2	`2026-04-20` - `2026-07-13`	3mo	crt.sh
*.flocktory.com R13	`2026-04-10` - `2026-07-09`	3mo	crt.sh
*.mindbox.ru Go Daddy Secure Certificate Authority - G2	`2025-09-23` - `2026-10-25`	1yr	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2026-01-13` - `2026-06-25`	5mo	crt.sh
*.tildaapi.com GlobalSign GCC R3 DV TLS CA 2020	`2025-10-14` - `2026-11-15`	1yr	crt.sh
conversion.lvtv.me R13	`2026-04-14` - `2026-07-13`	3mo	crt.sh

This page contains 2 frames:

Primary Page: https://promo.level.travel/wlalert
Frame ID: 3815D95A66409E3D2F413B3BC8D2B5B4
Requests: 56 HTTP requests in this frame

Frame: https://api.flocktory.com/v2/provider/provider.html
Frame ID: 60614100EE24BB5B8940985D25BA258B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Страница этого партнера Level.Travel временно отключена

Page URL History Show full URLs

https://mkb.level.travel/ HTTP 302
https://promo.level.travel/wlalert Page URL

Detected technologies

Tilda (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+tilda(?:cdn|\.ws|-blocks)
tilda(?:cdn|\.ws|-blocks)

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
\.googletagmanager\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery
/jquery(?:-(\d+\.\d+\.\d+))[/.-]

Flocktory (Referral marketing) Expand

Overall confidence: 100%
Detected patterns

\.flocktory\.com/

Page Statistics

57
Requests

91 %
HTTPS

0 %
IPv6

9
Domains

17
Subdomains

12
IPs

4
Countries

632 kB
Transfer

1809 kB
Size

33
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://level.travel/?ref_source=internal&ref_medium=promo&ref_campaign=promo&ref_content=landings&ref_term=header

Search URL Search Domain Scan URL

URL: https://customer.level.travel/about?ref_source=internal&ref_medium=specs&ref_campaign=promo&ref_content=landings&ref_term=header
Title: О нас

Search URL Search Domain Scan URL

URL: https://level.travel/?ref_source=internal&ref_medium=specs&ref_campaign=paylate&ref_content=landings&ref_term=header

Search URL Search Domain Scan URL

URL: https://level.travel/?ref_source=internal&ref_medium=promo&ref_campaign=redirect&ref_content=landings&ref_term=site
Title: Level.Travel

Search URL Search Domain Scan URL

URL: https://level.travel/articles/recommendation_technologies_consent
Title: согласны

Search URL Search Domain Scan URL

URL: https://level.travel/articles/Privacy_Policy
Title: политикой

Search URL Search Domain Scan URL

URL: https://level.travel/articles/recommendation_technologies_agreement
Title: правилами

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ru/app/level-travel-%D0%BF%D0%BE%D0%B8%D1%81%D0%BA-%D1%82%D1%83%D1%80%D0%BE%D0%B2/id1343228721

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=level.travel&hl=ru&gl=US

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C102984487

Search URL Search Domain Scan URL

URL: https://apps.rustore.ru/app/level.travel

Search URL Search Domain Scan URL

URL: https://level.travel/
Title: Найти тур или отель

Search URL Search Domain Scan URL

URL: https://help.level.travel/
Title: Помощь

Search URL Search Domain Scan URL

URL: https://level.travel/agreements
Title: правовая информация

Search URL Search Domain Scan URL

URL: https://vk.com/level.travel?ref_source=internal&ref_medium=specs&ref_campaign=tilda&ref_content=landings&ref_term=footer

Search URL Search Domain Scan URL

URL: https://t.me/leveltravel?ref_source=internal&ref_medium=specs&ref_campaign=tilda&ref_content=landings&ref_term=footer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2zY7LXiFHeiMfEnNU0wY1w

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mkb.level.travel/ HTTP 302
https://promo.level.travel/wlalert Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://cdn.yc.level.travel/tracker/tracker.js?1778183113014 HTTP 301
https://jsapi.cdn.level.travel/tracker/tracker.js?1778183113014

Request Chain 40

https://mc.yandex.com/sync_cookie_image_check?scid=4874b531-46f8-8074-9860-eb1307f13099&cid=18706828 HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?cid=18706828&redirect_domain=mc.yandex.com&scid=4874b531-46f8-8074-9860-eb1307f13099&token=11024.V2DgwKB5EGlk4GHnt6zv2qk-LTG0Faror4F0A5u1Ih1XZs13MQhqitMpW4OYgfAg.6gbtgWu7hNjxnuAGVhzeMxzuXtA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?cid=18706828&scid=4874b531-46f8-8074-9860-eb1307f13099&token=11024.BS7_1EcqxvU5db27cGOv2gs8JK7HvyT4ct_JcPjdht-b-oIh0XpW0m41gJTtfIt3DtH_GgJeveWBWnCKXg44Ak_KGVhrYTB5Icq233H8wPY%2C.qV7JLV5YqL64qkC0xiH2_SuU4YU%2C

Request Chain 44

https://web-static.mindbox.ru/js/bydomain/promo.level.travel.js?_=5927277 HTTP 302
https://web-static-no-content.g.mindbox.ru/no-content?_=5927277

Request Chain 50

https://mc.yandex.com/watch/18706828?wmode=7&page-url=https%3A%2F%2Fpromo.level.travel%2Fwlalert&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22148%22%2C%22Google%20Chrome%22%3Bv%3D%22148%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A148.0.7778.96%0Achl%0A%22Chromium%22%3Bv%3D%22148.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22148.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3Apudvqnsfv62y3npq3237otj0noa8r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2500%3Acn%3A1%3Adp%3A0%3Als%3A258479105649%3Ahid%3A477005060%3Az%3A-420%3Ai%3A20260507124514%3Aet%3A1778183114%3Ac%3A1%3Arn%3A486649196%3Arqn%3A1%3Au%3A1778183114202816919%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3936%3Awv%3A2%3Ads%3A26%2C499%2C432%2C52%2C912%2C0%2C%2C1174%2C4%2C3977%2C3977%2C7%2C3282%3Aco%3A0%3Acpf%3A1%3Ans%3A1778183108919%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1778183115%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D1%8D%D1%82%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%B0%D1%80%D1%82%D0%BD%D0%B5%D1%80%D0%B0%20Level.Travel%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%20%D0%BE%D1%82%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B0&t=clt(1362)gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42271232)ti(1) HTTP 302
https://mc.yandex.com/watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fpromo.level.travel%2Fwlalert&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22148%22%2C%22Google%20Chrome%22%3Bv%3D%22148%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A148.0.7778.96%0Achl%0A%22Chromium%22%3Bv%3D%22148.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22148.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3Apudvqnsfv62y3npq3237otj0noa8r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2500%3Acn%3A1%3Adp%3A0%3Als%3A258479105649%3Ahid%3A477005060%3Az%3A-420%3Ai%3A20260507124514%3Aet%3A1778183114%3Ac%3A1%3Arn%3A486649196%3Arqn%3A1%3Au%3A1778183114202816919%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3936%3Awv%3A2%3Ads%3A26%2C499%2C432%2C52%2C912%2C0%2C%2C1174%2C4%2C3977%2C3977%2C7%2C3282%3Aco%3A0%3Acpf%3A1%3Ans%3A1778183108919%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1778183115%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D1%8D%D1%82%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%B0%D1%80%D1%82%D0%BD%D0%B5%D1%80%D0%B0%20Level.Travel%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%20%D0%BE%D1%82%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B0&t=clt%281362%29gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842271232%29ti%281%29&redirnss=1

Request Chain 52

https://mc.yandex.com/sync_cookie_image_check_secondary?scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&cid=18706828 HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=18706828&redirect_domain=mc.yandex.com&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.g2w9rFt3NN6j1aiI1a4oMGFMkXEj9ijHYg9CMSDH3qP8kobuMOKznecO_qIaYe6A.1YOzhlcO3MvmcBC1IbxGDTr-koE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=18706828&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.kS9gxB6ucVhdKcwsiyl4MHOEgUjtr90cMI5YzSJ-4xdaxKVirQvEXXHqzFkQzUYonkUpgToEENVhDaw21k9Ad2bgiFpdQel-FQ7-b52S2eM%2C.YQ9G7s6Bf3cMQ9Ut6o6TOJ7wmHg%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=18706828&redirect_domain=mc.yandex.com&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.i1nwOTNKEOCx3HJlZeBaIzDPzcrnCPsM5f3tlPQwHBc_NrxQ72yOGx5jzCKyuq_HWewIhK66G8lZkahGalleyYN3q5YCNr5Hc9HdqF2JV0XrJOXldQYp-ZOVmmfiKCexMUpzwoL7Iimlue-PVtFFhTumpkT_PcUWpbkMZNR13qGiKEwN4jjNCfllUTPSPkJBbvCIHbJDmpJsu_A2FmlkZA%2C%2C.FAMShT5BtH2QvhCUhTH9ag6Ro1s%2C

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request wlalert Show response
promo.level.travel/
Redirect Chain

https://mkb.level.travel/
https://promo.level.travel/wlalert

95 KB
13 KB

973ms
437ms

Document
text/html

185.215.4.24
DDOS-GUARD DDOS-G...

General

Check archive.org

Download Go to

Full URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.215.4.24 Moscow, Russian Federation, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS
Software: ddos-guard /
Resource Hash: 31feca7086e21e1d797501b72e8657f33cc3a7ea95f6b424e339a1f7279dbe4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 12983
content-type: text/html; charset=UTF-8
date: Thu, 07 May 2026 19:45:10 GMT
etag: "17a1b-63720ec11e4f5-gzip"
last-modified: Mon, 09 Jun 2025 10:19:59 GMT
server: ddos-guard
x-host: promo.level.travel
x-tilda-imprint: 0059fbbc-6374-4a09-b0ed-9a4401f65c78
x-tilda-server: 31
x-ws-id: 3

Redirect headers

cache-control: no-cache
content-length: 100
content-type: text/html; charset=utf-8
date: Thu, 07 May 2026 19:45:09 GMT
location: https://promo.level.travel/wlalert
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.22.1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 43ac4d40-4c12-4d35-99c1-2d612b22122f
x-runtime: 0.020993
x-xss-protection: 1; mode=block

GET
H2 200 tilda-fallback-1.0.min.js Show response
neo.tildacdn.com/js/ 2 KB
1 KB 338ms
79ms Script
application/javascript 194.48.203.181
ie-tildapublishin...

General

Check archive.org

Download Go to

Full URL: https://neo.tildacdn.com/js/tilda-fallback-1.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.48.203.181 , United Arab Emirates, ASN205282 (ie-tildapublishing-1 TILDA PLATFORM CLOUD SERVICES CO. L.L.C, AE),
Reverse DNS
Software: /
Resource Hash: cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-tilda-server: 24
cache-control: max-age=604800
content-encoding: gzip
etag: W/"69dcad5c-77e"
access-control-allow-methods: GET
expires: Thu, 14 May 2026 19:45:11 GMT
access-control-allow-origin: *
x-tilda-imprint: 9855e9ce-7185-4618-ab4c-b2201d53ca4d
date: Thu, 07 May 2026 19:45:11 GMT
content-type: application/javascript
last-modified: Mon, 13 Apr 2026 08:46:20 GMT

GET
H2 200 tilda-grid-3.0.min.css
static.tildacdn.com/css/ 4 KB
1 KB 809ms
319ms Stylesheet
text/css 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/css/tilda-grid-3.0.min.css
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 0b5f664c528f466606c93195975f671fc46c3a9c10fee54426c2cd1cf89b1fec

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-2
content-encoding: gzip
etag: W/"63f4be99-11a2"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:11 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:11 GMT
content-type: text/css
x-node: m9-up-gc47, fr5-up-gc15
last-modified: Tue, 21 Feb 2023 12:52:41 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-24
access-control-allow-origin: *
x-cached-since: 2026-04-20T12:17:22+00:00, 2026-04-20T12:29:21+00:00
server: nginx

GET
H2 200 tilda-blocks-page12329529.min.css
static.tildacdn.com/ws/project1296230/ 29 KB
6 KB 841ms
350ms Stylesheet
text/css 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.css?t=1749464399
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: a6b226baa951e3448609325e2bae6822e25bbf95645cbf2b2e7dffb462c9b2a1

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-cached-since: 2026-04-24T18:08:00+00:00
cache: HIT, MISS
cache-control: max-age=5184000
x-host: ws.tildacdn.com
content-encoding: br
expires: Mon, 06 Jul 2026 19:45:11 GMT
x-tilda-origin: or-22
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
date: Thu, 07 May 2026 19:45:11 GMT
content-type: text/css
vary: Accept-Encoding
server: nginx
last-modified: Mon, 09 Jun 2025 10:19:59 GMT
x-node: m9-up-gc34, fr5-up-gc15

GET
H2 200 tilda-animation-2.0.min.css
static.tildacdn.com/css/ 3 KB
607 B 841ms
351ms Stylesheet
text/css 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/css/tilda-animation-2.0.min.css
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 4367cfe21925829103cb1d8a3e599fde37dcf00e90c8303c904e5db1f5816292

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-2
content-encoding: br
etag: W/"687f7d3b-a77"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:11 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:11 GMT
content-type: text/css
x-node: m9-up-gc37, fr5-up-gc15
vary: Accept-Encoding
last-modified: Tue, 22 Jul 2025 11:59:55 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-23
access-control-allow-origin: *
x-cached-since: 2025-11-19T12:09:06+00:00, 2026-03-17T00:01:14+00:00
server: nginx

GET
H/1.1 200
OK custom.css
ws.tildacdn.com/project1296230/ 1 B
306 B 960ms
548ms Stylesheet
text/css 178.248.236.28
HLL-AS HLL LLC

General

Check archive.org

Download Go to

Full URL: https://ws.tildacdn.com/project1296230/custom.css?t=1749464399
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.28 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=0, public
X-Host: ws.tildacdn.com
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Keep-Alive: timeout=15
Date: Thu, 07 May 2026 19:45:11 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Jun 2025 10:23:28 GMT
Server: QRATOR

GET
H2 200 jquery-1.10.2.min.js Show response
static.tildacdn.com/js/ 91 KB
31 KB 809ms
319ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/jquery-1.10.2.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-2
content-encoding: br
etag: W/"605342c5-16b88"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:11 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:11 GMT
content-type: application/javascript
x-node: m9p-up-gc10, fr5-up-gc15
vary: Accept-Encoding
last-modified: Thu, 18 Mar 2021 12:08:37 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-27
access-control-allow-origin: *
x-cached-since: 2026-04-20T13:02:17+00:00, 2026-05-06T09:27:31+00:00
server: nginx

GET
H3 200 tilda-scripts-3.0.min.js Show response
static.tildacdn.com/js/ 22 KB
7 KB 167ms
156ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-scripts-3.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ff9cb81dd5a11745597220a3cd7f37dfda02c4ec1961213f268b5ff215287b25

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-1
content-encoding: br
etag: W/"69e74ff6-59fc"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript; charset=utf8
x-node: m9-up-gc66, fr5-up-gc15
vary: Accept-Encoding
last-modified: Tue, 21 Apr 2026 10:22:46 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-21
access-control-allow-origin: *
x-cached-since: 2026-04-22T21:55:10+00:00, 2026-04-22T21:56:14+00:00
server: nginx

GET
H3 200 tilda-blocks-page12329529.min.js Show response
static.tildacdn.com/ws/project1296230/ 6 KB
2 KB 453ms
443ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.js?t=1749464399
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: b44afa8642bb347c5bf0f865d9f37775ad15ccded5562601720d62ca01ea8e2d

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-cached-since: 2026-05-06T13:58:45+00:00
cache: HIT, MISS
cache-control: max-age=5184000
x-host: ws.tildacdn.com
content-encoding: br
expires: Mon, 06 Jul 2026 19:45:12 GMT
x-tilda-origin: or-22
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Mon, 09 Jun 2025 10:19:59 GMT
x-node: m9p-up-gc152, fr5-up-gc15

GET
H3 200 tilda-animation-2.0.min.js Show response
static.tildacdn.com/js/ 35 KB
9 KB 166ms
155ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-animation-2.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c764f6558612179a585b3b4e0f4e952a12142d0b158c5b570160cdf3db82b524

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: MISS, HIT
x-tilda-front: fr-2
content-encoding: gzip
etag: W/"6925c41d-8a79"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript
x-node: m9-up-gc35, fr5-up-gc15
last-modified: Tue, 25 Nov 2025 14:58:37 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-22
access-control-allow-origin: *
x-cached-since: 2026-04-24T12:47:07+00:00
server: nginx

GET
H3 200 tilda-menu-1.0.min.js Show response
static.tildacdn.com/js/ 11 KB
4 KB 456ms
446ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-menu-1.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ec950b2112e31f39f0be799da2b0ed68dc816fa78c24bbeccc3b858111743fb3

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-1
content-encoding: gzip
etag: W/"693160d0-2c96"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript; charset=utf8
x-node: m9-up-gc66, fr5-up-gc15
last-modified: Thu, 04 Dec 2025 10:22:08 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-22
access-control-allow-origin: *
x-cached-since: 2026-04-03T11:16:05+00:00, 2026-04-03T11:16:08+00:00
server: nginx

GET
H3 200 tilda-zero-1.1.min.js Show response
static.tildacdn.com/js/ 43 KB
14 KB 453ms
443ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-zero-1.1.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 34e1ed9fbfddc4e0d218fe8d2e445c1511b3078e3e15a27aa5e1c6916555cbd4

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-1
content-encoding: gzip
etag: W/"69eb20fe-ad34"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript; charset=utf8
x-node: m9-up-gc35, fr5-up-gc15
last-modified: Fri, 24 Apr 2026 07:51:26 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-27
access-control-allow-origin: *
x-cached-since: 2026-05-06T13:00:56+00:00, 2026-05-06T14:25:25+00:00
server: nginx

GET
H3 200 tilda-zero-scale-1.0.min.js Show response
static.tildacdn.com/js/ 8 KB
3 KB 453ms
442ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-zero-scale-1.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 75ec414715a44a973f8ee234d3b2d664786f2fdef1fb1a80ac13fe7e4a770e01

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-2
content-encoding: br
etag: W/"69f1ec0a-1f0d"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript
x-node: m9-up-gc66, fr5-up-gc15
vary: Accept-Encoding
last-modified: Wed, 29 Apr 2026 11:31:22 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-23
access-control-allow-origin: *
x-cached-since: 2026-04-29T11:40:13+00:00, 2026-04-29T11:41:17+00:00
server: nginx

GET
H3 200 tilda-skiplink-1.0.min.js Show response
static.tildacdn.com/js/ 2 KB
1 KB 458ms
448ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-skiplink-1.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e30be28d85f8db5566078029d843d227687fd73ccfd6757d37b69b2fc06bf48d

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-cached-since: 2026-03-20T08:32:03+00:00, 2026-04-20T10:14:49+00:00
cache: HIT, HIT
tserver: 11
cache-control: max-age=5184000
content-encoding: br
etag: W/"6530dc3b-757"
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Thu, 19 Oct 2023 07:35:23 GMT
x-node: m9p-up-gc23, fr5-up-gc15

GET
H3 200 tilda-events-1.0.min.js Show response
static.tildacdn.com/js/ 13 KB
4 KB 448ms
438ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-events-1.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 5ef75137fa784d916c1731eb5c3700fdadaf7babc8c55a933cb52910249ce576

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: MISS, HIT
x-tilda-front: fr-1
content-encoding: gzip
etag: W/"686fb375-347f"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript; charset=utf8
x-node: m9p-up-gc23, fr5-up-gc15
last-modified: Thu, 10 Jul 2025 12:35:01 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-21
access-control-allow-origin: *
x-cached-since: 2026-04-22T16:15:46+00:00
server: nginx

GET
H2 200 -05_1.svg
static.tildacdn.com/tild3562-3261-4963-a335-313465613737/ 3 KB
1 KB 834ms
351ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3562-3261-4963-a335-313465613737/-05_1.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: a7eee7c7f15e6f487546deefc71d6707d69226727358d3a9c0faf40fb16392c4

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"0d10bf9783576a2faadc0b4713f278a9"
age: 0
expires: Mon, 06 Jul 2026 19:45:11 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9p-up-gc25, fr5-up-gc15
last-modified: Mon, 16 Dec 2024 13:30:00 GMT
cache-control: max-age=5184000
t-server: or-11
access-control-allow-origin: *
x-cached-since: 2026-04-29T15:26:00+00:00, 2026-05-06T11:25:45+00:00
server: nginx

GET
H2 200 -05_3.png
static.tildacdn.com/tild3136-3333-4164-b735-326232646439/ 10 KB
10 KB 783ms
301ms Image
image/png 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3136-3333-4164-b735-326232646439/-05_3.png
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 4bed6635c13bc8a37e223083590a0516dfa98a308250e00ccec4f9f3ad64c9df

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
etag: "237a73e78c4d607bec5e283051af77d4"
age: 0
expires: Mon, 06 Jul 2026 19:45:11 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:11 GMT
content-type: image/png
last-modified: Sun, 23 Feb 2025 20:12:02 GMT
x-node: m9-up-gc45, fr5-up-gc15
cache-control: max-age=5184000
t-server: or-11
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10224
x-cached-since: 2025-08-14T22:38:33+00:00, 2026-04-12T14:46:22+00:00
server: nginx

GET
H2 200 but_app.svg
static.tildacdn.com/tild3734-3863-4265-b861-393232303733/ 3 KB
2 KB 174ms
160ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3734-3863-4265-b861-393232303733/but_app.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: f09eebf0283e9793d692c7c12c4ab88073774468310eae55d8ee941103e09b4b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"195cea59bf374416c24f8436ae425c39"
age: 0
expires: Mon, 06 Jul 2026 19:45:11 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc37, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 14:31:31 GMT
cache-control: max-age=5184000
x-tilda-origin: or-27
access-control-allow-origin: *
x-cached-since: 2026-01-24T15:54:53+00:00, 2026-03-11T10:47:30+00:00
server: nginx

GET
H2 200 but_google.svg
static.tildacdn.com/tild3264-6338-4434-a136-333032646266/ 3 KB
1 KB 256ms
229ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3264-6338-4434-a136-333032646266/but_google.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 32a9efda06a88736da615c6df2ee007d71188e524910d8947f185ebe2ccf5277

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"dba660e3adf7118fe1e220713c8df23f"
age: 0
expires: Mon, 06 Jul 2026 19:45:11 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9p-up-gc25, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 14:31:31 GMT
cache-control: max-age=5184000
x-tilda-origin: or-28
access-control-allow-origin: *
x-cached-since: 2026-04-19T22:13:15+00:00, 2026-05-06T09:32:13+00:00
server: nginx

GET
H3 200 but_huawei.svg
static.tildacdn.com/tild3131-3265-4436-b530-363765636136/ 4 KB
2 KB 451ms
440ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3131-3265-4436-b530-363765636136/but_huawei.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: a9d053df135040772d17b87e3677dddb10f0946b9090a15c070e41ac52a535a3

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"4becb059e496daa596d957076301f3b0"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9p-up-gc10, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 14:31:31 GMT
cache-control: max-age=5184000
x-tilda-origin: or-28
access-control-allow-origin: *
x-cached-since: 2025-11-21T12:50:00+00:00, 2026-03-17T08:31:05+00:00
server: nginx

GET
H3 200 but_rustore.svg
static.tildacdn.com/tild6338-3265-4534-a363-333232663233/ 4 KB
2 KB 453ms
443ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild6338-3265-4534-a363-333232663233/but_rustore.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c298362a06e9fd860b2499cb642aa7f9f430529f8f7d48e04c492b3840281636

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"ed7c9a2b6bebefa2ab28c7157a89d59b"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc46, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 14:31:31 GMT
cache-control: max-age=5184000
x-tilda-origin: or-24
access-control-allow-origin: *
x-cached-since: 2025-10-01T05:24:10+00:00, 2026-03-14T09:41:07+00:00
server: nginx

GET
H3 200 Frame_2131327070.svg
static.tildacdn.com/tild3238-3965-4633-a339-613061336231/ 4 KB
2 KB 453ms
444ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3238-3965-4633-a339-613061336231/Frame_2131327070.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d19aa4c6788315732c25df46594b18ebe0dacc8c65fa618e6c32c8936643f584

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"9eec821d43f46738dc46f5570ad2b479"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc66, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 14:33:42 GMT
cache-control: max-age=5184000
x-tilda-origin: or-25
access-control-allow-origin: *
x-cached-since: 2026-04-06T19:53:27+00:00, 2026-05-06T09:33:51+00:00
server: nginx

GET
H3 200 Frame_2131327071.svg
static.tildacdn.com/tild6163-3761-4535-a665-653165363466/ 4 KB
2 KB 458ms
448ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild6163-3761-4535-a665-653165363466/Frame_2131327071.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 68fa6fccd621753e3a2428c6e59e55228a5bd5b764161e6ed246e9e304b369cf

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"2d4f8596f94d1d2bc93bea69acbfbba9"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9p-up-gc25, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 14:33:42 GMT
cache-control: max-age=5184000
x-tilda-origin: or-22
access-control-allow-origin: *
x-cached-since: 2026-03-26T20:15:13+00:00, 2026-05-06T09:33:51+00:00
server: nginx

GET
H3 200 Frame_2131327072.svg
static.tildacdn.com/tild3730-3265-4165-b664-623634386361/ 3 KB
2 KB 443ms
433ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3730-3265-4165-b664-623634386361/Frame_2131327072.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 1037a7139f587c92ff1692bfa4d610e3eea764bc08f1f2459a777fd298bfa203

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"e902f954eb110ca8d2ab9a3e059e975a"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc47, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 14:33:42 GMT
cache-control: max-age=5184000
x-tilda-origin: or-24
access-control-allow-origin: *
x-cached-since: 2026-05-01T06:38:22+00:00, 2026-05-06T09:33:51+00:00
server: nginx

GET
H3 200 but_app.svg
static.tildacdn.com/tild3730-3761-4930-a132-363235363438/ 1 KB
1 KB 445ms
435ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3730-3761-4930-a132-363235363438/but_app.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 250674d5cb56f209babf83af77d06d15a5126f0a5648296624a500b9a45732ae

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"f6b3c5c4caa9bbabbbbe01d203d146d3"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc66, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 15:03:28 GMT
cache-control: max-age=5184000
x-tilda-origin: or-21
access-control-allow-origin: *
x-cached-since: 2026-03-11T16:41:29+00:00, 2026-05-06T09:33:51+00:00
server: nginx

GET
H3 200 but_google.svg
static.tildacdn.com/tild3266-3763-4337-a565-326434633562/ 788 B
820 B 444ms
435ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3266-3763-4337-a565-326434633562/but_google.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e24977ccffe4ad30fedd4fad3d4c9afff7c12ac41ff32b1799c889a475f905f3

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"4488831d69468ad1362b57aaa2abd5ae"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc34, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 15:03:28 GMT
cache-control: max-age=5184000
x-tilda-origin: or-23
access-control-allow-origin: *
x-cached-since: 2026-04-20T13:57:59+00:00, 2026-05-06T09:33:52+00:00
server: nginx

GET
H3 200 but_huawei.svg
static.tildacdn.com/tild3631-3635-4134-b166-366462326563/ 2 KB
1 KB 442ms
432ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3631-3635-4134-b166-366462326563/but_huawei.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 9893b6b8d8cfbfae8dd580f74ec9536dfd2e1b676173aa4140a21cbb20cab21f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"d1fe94dc7a637b671476d1d34bc2530a"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc66, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 15:03:28 GMT
cache-control: max-age=5184000
x-tilda-origin: or-25
access-control-allow-origin: *
x-cached-since: 2026-04-20T12:35:02+00:00, 2026-05-06T09:33:52+00:00
server: nginx

GET
H3 200 but_rustore.svg
static.tildacdn.com/tild6461-6338-4236-b131-666261663230/ 2 KB
1 KB 443ms
434ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild6461-6338-4236-b131-666261663230/but_rustore.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: bc3c5a403c07feb0ea77666ddd4e9fb6a941c2cc1659549c17e58d6a278ac14e

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"cf32c8012f54a6ab735c6e8ef86435fc"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9p-up-gc152, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 15:03:28 GMT
cache-control: max-age=5184000
x-tilda-origin: or-21
access-control-allow-origin: *
x-cached-since: 2026-04-20T14:15:41+00:00, 2026-05-06T09:33:52+00:00
server: nginx

GET
H3 200 Frame_2131327070.svg
static.tildacdn.com/tild6232-3463-4339-b633-366164653866/ 2 KB
1 KB 445ms
436ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild6232-3463-4339-b633-366164653866/Frame_2131327070.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 59b6729767e80fd8b9e9941a0c9d9681e154d011779e96a821b1846395821f35

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"b8839d306f7b2dc5a0214a10f51f317f"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc45, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 15:04:39 GMT
cache-control: max-age=5184000
x-tilda-origin: or-23
access-control-allow-origin: *
x-cached-since: 2026-04-20T13:57:59+00:00, 2026-05-06T11:25:46+00:00
server: nginx

GET
H3 200 Frame_2131327071.svg
static.tildacdn.com/tild6232-6566-4230-a661-343661653864/ 1 KB
930 B 448ms
438ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild6232-6566-4230-a661-343661653864/Frame_2131327071.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 03da2860a3317cd603b0b4fd30faeb15d047e9eaa7ade74348a42794bc70c7c6

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"a300afdc3822b793edb54a44340d181d"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc37, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 15:04:39 GMT
cache-control: max-age=5184000
x-tilda-origin: or-21
access-control-allow-origin: *
x-cached-since: 2026-03-11T13:28:10+00:00, 2026-05-06T09:33:52+00:00
server: nginx

GET
H3 200 Frame_2131327072.svg
static.tildacdn.com/tild3330-6332-4266-a238-666532323630/ 1 KB
1016 B 445ms
436ms Image
image/svg+xml 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to Show image

Full URL: https://static.tildacdn.com/tild3330-6332-4266-a238-666532323630/Frame_2131327072.svg
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 974ea9f9e9ebb9c6eb73658d2bb73efdfcebea8950558a1a8c106a27b462a815

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
content-encoding: br
etag: W/"7531a31c3ecc64dce54d9915ea3de198"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-node: m9-up-gc37, fr5-up-gc15
last-modified: Wed, 25 Dec 2024 15:04:39 GMT
cache-control: max-age=5184000
x-tilda-origin: or-25
access-control-allow-origin: *
x-cached-since: 2026-03-19T15:14:45+00:00, 2026-05-06T09:33:52+00:00
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 597 KB
155 KB 654ms
190ms Script
application/javascript 142.251.16.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73

Requested by

Host: promo.level.travel
URL: https://promo.level.travel/wlalert

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

f35e0f24bde9d46f192ff50a00395a10e2f65dac331e9d6a05ee67e8758bf6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: zstd
expires: Thu, 07 May 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 07 May 2026 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 158695
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 ONYOneBeta-Regular_1.woff
static.tildacdn.com/tild6130-6336-4130-b538-323430613930/ 35 KB
35 KB 652ms
487ms Font
application/octet-stream 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/tild6130-6336-4130-b538-323430613930/ONYOneBeta-Regular_1.woff
Requested by: Host: static.tildacdn.com
URL: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.css?t=1749464399
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 27239a1c04bfbb1d1b80d31ab0398912765a13f2f9582acfedf5655f1ad1b00e

Request headers

Origin: https://promo.level.travel
sec-ch-ua-platform: "Linux"
Referer: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.css?t=1749464399
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
etag: "fb250cc49058574657d438ef27d653c2"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/octet-stream
last-modified: Thu, 06 Mar 2025 15:55:01 GMT
x-node: m9-up-gc45, fr5-up-gc15
cache-control: max-age=5184000
accept-ranges: bytes
x-tilda-origin: or-22
access-control-allow-origin: *
content-length: 35352
x-cached-since: 2026-04-18T12:03:19+00:00, 2026-04-20T12:36:30+00:00
server: nginx

GET
H3 200 ONYOneBeta-Medium_1.woff
static.tildacdn.com/tild3664-3233-4862-b961-613537386337/ 35 KB
35 KB 646ms
482ms Font
application/octet-stream 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/tild3664-3233-4862-b961-613537386337/ONYOneBeta-Medium_1.woff
Requested by: Host: static.tildacdn.com
URL: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.css?t=1749464399
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 3a1b6fc44b9908c28d6d95ffba2710d1490d222194b86b802ddc901527993763

Request headers

Origin: https://promo.level.travel
sec-ch-ua-platform: "Linux"
Referer: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.css?t=1749464399
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
etag: "27033e978c60e22063e5b3864f23d2c5"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/octet-stream
last-modified: Thu, 06 Mar 2025 15:46:21 GMT
x-node: m9-up-gc66, fr5-up-gc15
cache-control: max-age=5184000
t-server: or-7
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35556
x-cached-since: 2025-07-03T15:36:02+00:00, 2026-04-30T08:55:36+00:00
server: nginx

GET
H3 200 ONYOneBeta-Light.woff
static.tildacdn.com/tild6465-3632-4437-a330-363834393436/ 34 KB
34 KB 405ms
242ms Font
application/octet-stream 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/tild6465-3632-4437-a330-363834393436/ONYOneBeta-Light.woff
Requested by: Host: static.tildacdn.com
URL: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.css?t=1749464399
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: aed4008539ed038a01be3f4ce27ee2727f1839e25e9e33426a37f60a89886c19

Request headers

Origin: https://promo.level.travel
sec-ch-ua-platform: "Linux"
Referer: https://static.tildacdn.com/ws/project1296230/tilda-blocks-page12329529.min.css?t=1749464399
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
etag: "980c7dc0cc8ac622468317c09f063f37"
age: 0
expires: Mon, 06 Jul 2026 19:45:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:12 GMT
content-type: application/octet-stream
last-modified: Thu, 30 Jan 2025 15:18:45 GMT
x-node: m9-up-gc45, fr5-up-gc15
cache-control: max-age=5184000
t-server: or-8
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34776
x-cached-since: 2025-07-03T15:36:02+00:00, 2026-04-30T08:55:36+00:00
server: nginx

GET
H2 200 loader.js Show response
api.flocktory.com/v2/ 163 KB
59 KB 1451ms
489ms Script
text/javascript 158.160.126.5
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://api.flocktory.com/v2/loader.js?site_id=2113
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.126.5 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: ycalb /
Resource Hash: c50b81825ff486e26df30002309b5a4a768ecfaf0d23cc01a71c2b4d74bcfe7f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=1209600
content-encoding: gzip
x-amz-meta-s3cmd-attrs: atime:1774349823/ctime:1774349823/gid:0/gname:root/md5:73953a450368bcd46ef166105553cce1/mode:33188/mtime:1774349823/uid:0/uname:root
etag: W/"73953a450368bcd46ef166105553cce1"
access-control-allow-credentials: true
x-amz-request-id: e630c96e23d14419b0d26d642e1f3e45
x-proxy-cache: HIT
access-control-allow-origin: *
date: Thu, 07 May 2026 19:45:14 GMT
content-type: text/javascript
last-modified: Tue, 24 Mar 2026 11:01:58 GMT
server: ycalb

GET
H2 200 tracker.js Show response
api.mindbox.ru/scripts/v1/ 92 KB
29 KB 907ms
337ms Script
text/javascript 84.252.130.113
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://api.mindbox.ru/scripts/v1/tracker.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VN73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

a586dc962ee59b8a44d3497a35a4f886adc73c5f177dd61cc8c7cf2abc428858

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: W/"40848179a50c53ddbab24d886570099c"
x-content-type-options: nosniff
date: Thu, 07 May 2026 19:45:13 GMT
content-type: text/javascript
last-modified: Wed, 06 May 2026 09:14:55 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-frame-options: DENY
strict-transport-security: max-age=315360000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline'
cache-control: public,max-age=86400
timing-allow-origin: *
referrer-policy: same-origin
x-amz-request-id: 4fdbb7ca7172daa7
x-xss-protection: 1; mode=block
server: nginx

GET
H2

200

tracker.js Show response
jsapi.cdn.level.travel/tracker/
Redirect Chain

https://cdn.yc.level.travel/tracker/tracker.js?1778183113014
https://jsapi.cdn.level.travel/tracker/tracker.js?1778183113014

26 KB
11 KB

1769ms
318ms

Script
text/javascript

188.72.103.3
YACLOUDCDN Yandex...

General

Check archive.org

Download Go to

Full URL: https://jsapi.cdn.level.travel/tracker/tracker.js?1778183113014
Protocol: H2
Server: 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: bc020cfeec69d6106de73c718c4532be7bbc963a2dc8b6d5fe91b470f95fb7dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer: https://promo.level.travel/

Response headers

x-request-id: 6cb65282edfd2a80
cache-control: max-age=345600
content-encoding: gzip
etag: W/"01781ecf4eba9787149f9efe31e28450"
x-amz-request-id: 8915ee6b6cbddae4
access-control-allow-origin: *
date: Thu, 07 May 2026 19:45:15 GMT
cache-status: HIT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Fri, 12 Apr 2024 13:18:42 GMT
cache-host: yccdn-rndttk-1.yccdn.cloud.yandex.net

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
location: https://jsapi.cdn.level.travel/tracker/tracker.js?1778183113014
content-length: 162
date: Thu, 07 May 2026 19:45:13 GMT
content-type: text/html

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 258 KB
86 KB 959ms
414ms Script
application/javascript 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: promo.level.travel
URL: https://promo.level.travel/wlalert

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8e6566670997fe002df8efbf993e28d77d2e0109e5f2296a0cee9c3644e08974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "69fcb6bc-154dd"
expires: Thu, 07 May 2026 20:45:13 GMT
access-control-allow-origin: *
content-length: 87261
date: Thu, 07 May 2026 19:45:13 GMT
content-type: application/javascript
last-modified: Thu, 07 May 2026 15:58:52 GMT

GET
H3 200 Frame_2131327545.png
static.tildacdn.com/tild6261-3637-4337-b866-613431343436/ 2 KB
2 KB 151ms
149ms Other
image/png 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/tild6261-3637-4337-b866-613431343436/Frame_2131327545.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: bdd032ac5ec125be1cb6294c6d1593b8d3ae5709da59e816bcedad3c069c8ab3

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
etag: "0ea94bd808f6b3c3f5e5a7412e2d8762"
age: 0
expires: Mon, 06 Jul 2026 19:45:13 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:13 GMT
content-type: image/png
last-modified: Mon, 28 Apr 2025 14:57:14 GMT
x-node: m9-up-gc34, fr5-up-gc15
cache-control: max-age=5184000
t-server: or-13
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2159
x-cached-since: 2025-08-21T20:02:27+00:00, 2026-04-20T09:40:59+00:00
server: nginx

GET
H3 200 tilda-stat-1.0.min.js Show response
static.tildacdn.com/js/ 9 KB
4 KB 153ms
152ms Script
application/javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Download Go to

Full URL: https://static.tildacdn.com/js/tilda-stat-1.0.min.js
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 30299b6ef1aff24831fb728ee4edaf4fc02c8c7dd0806bfa90f3e3ea7fe2bb80

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT, HIT
x-tilda-front: fr-2
content-encoding: gzip
etag: W/"68189486-25da"
access-control-allow-methods: GET, HEAD, OPTIONS
expires: Mon, 06 Jul 2026 19:45:14 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 07 May 2026 19:45:14 GMT
content-type: application/javascript
x-node: m9-up-gc47, fr5-up-gc15
last-modified: Mon, 05 May 2025 10:35:50 GMT
access-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin
cache-control: max-age=5184000
x-tilda-origin: or-26
access-control-allow-origin: *
x-cached-since: 2026-04-30T10:44:09+00:00, 2026-04-30T10:48:17+00:00
server: nginx

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?scid=4874b531-46f8-8074-9860-eb1307f13099&cid=18706828
https://mc.yandex.ru/sync_cookie_image_start?cid=18706828&redirect_domain=mc.yandex.com&scid=4874b531-46f8-8074-9860-eb1307f13099&token=11024.V2DgwKB5EGlk4GHnt6zv2qk-LTG0Faror4F0A5u1Ih1XZs13MQhqitM...
https://mc.yandex.com/sync_cookie_image_decide?cid=18706828&scid=4874b531-46f8-8074-9860-eb1307f13099&token=11024.BS7_1EcqxvU5db27cGOv2gs8JK7HvyT4ct_JcPjdht-b-oIh0XpW0m41gJTtfIt3DtH_GgJeveWBWnCKXg4...

43 B
66 B

193ms
192ms

Image
image/gif

77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?cid=18706828&scid=4874b531-46f8-8074-9860-eb1307f13099&token=11024.BS7_1EcqxvU5db27cGOv2gs8JK7HvyT4ct_JcPjdht-b-oIh0XpW0m41gJTtfIt3DtH_GgJeveWBWnCKXg44Ak_KGVhrYTB5Icq233H8wPY%2C.qV7JLV5YqL64qkC0xiH2_SuU4YU%2C

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer: https://promo.level.travel/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
location: https://mc.yandex.com/sync_cookie_image_decide?cid=18706828&scid=4874b531-46f8-8074-9860-eb1307f13099&token=11024.BS7_1EcqxvU5db27cGOv2gs8JK7HvyT4ct_JcPjdht-b-oIh0XpW0m41gJTtfIt3DtH_GgJeveWBWnCKXg44Ak_KGVhrYTB5Icq233H8wPY%2C.qV7JLV5YqL64qkC0xiH2_SuU4YU%2C

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
382 B 192ms
191ms Image
image/gif 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=gdpr(14)ti(4)

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "69f20d52-2b"
expires: Thu, 07 May 2026 20:45:14 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Thu, 07 May 2026 19:45:14 GMT
last-modified: Wed, 29 Apr 2026 13:53:22 GMT
content-type: image/gif

GET
H2 200 provider.html Show response
api.flocktory.com/v2/provider/ Frame 6061 38 KB
15 KB 799ms
472ms Document
text/html 158.160.126.5
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://api.flocktory.com/v2/provider/provider.html
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=2113
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.126.5 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: ycalb /
Resource Hash: dde19c00156fa9aaf2943c7e85e6f09640a2d546ecacc60435bdb630e4d56837

Request headers

Referer: https://promo.level.travel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html
date: Thu, 07 May 2026 19:45:15 GMT
etag: W/"58501bae4cfa7ab42c180d63859c1088"
last-modified: Tue, 12 Dec 2023 08:59:25 GMT
referrer-policy: no-referrer-when-downgrade
server: ycalb
x-amz-request-id: b2cf5a48bafd4fce923958a64a19a0e8

GET
H2 200 setup-api Show response
api.flocktory.com/u_shaman/ 53 KB
11 KB 255ms
254ms Fetch
application/json 158.160.126.5
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://api.flocktory.com/u_shaman/setup-api?body=%7B%22siteId%22%3A%222113%22%2C%22utm%22%3A%7B%22source%22%3A%22%22%2C%22medium%22%3A%22%22%2C%22campaign%22%3A%22%22%2C%22term%22%3A%22%22%2C%22content%22%3A%22%22%7D%2C%22site-session-id%22%3A%2266543763-70b1-4a92-a103-87a59ea1a238-5%22%7D

Requested by

Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=2113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.160.126.5 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

ycalb /

Resource Hash

99f4c0703c387fa2acff2231c6cebe700abff6d029d48c0be8bfa73df6513883

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers
content-encoding: gzip
x-decorator-operation: 0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Thu, 07 May 2026 19:45:14 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-runtime: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
cache-control: max-age=1800, private
access-control-allow-credentials: true
x-download-options: noopen
access-control-allow-origin: https://promo.level.travel
x-xss-protection: 1; mode=block
server: ycalb

GET
H2

204

no-content
web-static-no-content.g.mindbox.ru/
Redirect Chain

https://web-static.mindbox.ru/js/bydomain/promo.level.travel.js?_=5927277
https://web-static-no-content.g.mindbox.ru/no-content?_=5927277

0
0

1715ms
735ms

Fetch

158.160.187.127
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://web-static-no-content.g.mindbox.ru/no-content?_=5927277

Protocol

Server

158.160.187.127 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer: https://promo.level.travel/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=315360000; includeSubDomains; preload
access-control-max-age: 200
content-security-policy: default-src 'self' 'unsafe-inline'
timing-allow-origin: *
referrer-policy: same-origin
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
date: Thu, 07 May 2026 19:45:17 GMT
x-xss-protection: 1; mode=block
server: Kestrel
access-control-allow-headers: *

Redirect headers

x-request-id: f5f872e841c46032
location: https://web-static-no-content.g.mindbox.ru/no-content?_=5927277
timing-allow-origin: *
x-amz-request-id: f5f872e841c46032
x-amz-error-message: Resource Found
access-control-allow-origin: *
content-length: 194
x-amz-error-code: Found
date: Thu, 07 May 2026 19:45:16 GMT
cache-status: MISS
content-type: text/html; charset=utf-8
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
cache-host: yccdn-rndttk-1.yccdn.cloud.yandex.net

GET
H2 200 *.level.travel.js Show response
web-static.mindbox.ru/js/bydomain/ 0
7 KB 1756ms
482ms Fetch
application/javascript 188.72.103.3
YACLOUDCDN Yandex...

General

Check archive.org

Download Go to

Full URL: https://web-static.mindbox.ru/js/bydomain/*.level.travel.js?_=5927277
Requested by: Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-request-id: 05f38091caf5a1bb
cache-control: public,max-age=600
timing-allow-origin: *
content-encoding: gzip
etag: W/"af7969755572e631a0da29150387f455"
x-amz-request-id: 05f38091caf5a1bb
access-control-allow-origin: *
date: Thu, 07 May 2026 19:45:16 GMT
cache-status: MISS
content-type: application/javascript
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
last-modified: Thu, 07 May 2026 14:53:33 GMT
cache-host: yccdn-rndttk-1.yccdn.cloud.yandex.net

POST
H2 200 track-visit Show response
api.mindbox.ru/v1.1/customer/ 134 B
716 B 390ms
387ms XHR
application/json 84.252.130.113
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://api.mindbox.ru/v1.1/customer/track-visit?version=1.0.791&transport=XmlHttpRequest

Requested by

Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Kestrel /

Resource Hash

b6ea83e9d1864030c4daabf10a290c82827e562b52f3b3bc5f8bedc861d46165

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Accept: application/json
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

x-content-type-options: nosniff
expires: -1
date: Thu, 07 May 2026 19:45:14 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: DENY
strict-transport-security: max-age=315360000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline'
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
access-control-allow-origin: https://promo.level.travel
content-length: 134
x-xss-protection: 1; mode=block
server: Kestrel

POST
H2 200 / Show response
stat.tildaapi.com/event/ 16 B
414 B 513ms
292ms XHR
application/json 185.129.100.115
DDOS-GUARD DDOS-G...

General

Check archive.org

Download Go to

Full URL: https://stat.tildaapi.com/event/
Requested by: Host: static.tildacdn.com
URL: https://static.tildacdn.com/js/tilda-stat-1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.129.100.115 , Russian Federation, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://promo.level.travel
date: Thu, 07 May 2026 19:45:15 GMT
content-type: application/json;charset=utf-8
server: ddos-guard

GET
H2 200 ultimate.js
api.flocktory.com/underworld/tracks/ 33 B
33 B 176ms
176ms Image
application/javascript 158.160.126.5
YandexCloud Yande...

General

Check archive.org

Download Go to Show image

Full URL: https://api.flocktory.com/underworld/tracks/ultimate.js?body=%7B%22data%22%3A%7B%22action%22%3A%22session.page_visit%22%2C%22payload%22%3A%7B%22resolution%22%3A%221600x1200%22%2C%22ga%22%3A%7B%22utmcsr%22%3A%22%22%2C%22utmccn%22%3A%22%22%2C%22utmcmd%22%3A%22%22%2C%22h_utmcsr%22%3A%22%22%2C%22h_utmccn%22%3A%22%22%2C%22h_utmcmd%22%3A%22%22%7D%2C%22url%22%3A%22https%3A%2F%2Fpromo.level.travel%2Fwlalert%22%7D%2C%22links%22%3A%7B%22site%22%3A2113%7D%7D%2C%22site-session-id%22%3A%2266543763-70b1-4a92-a103-87a59ea1a238-5%22%7D&callback=flock_jsonp_9999
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.126.5 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: ycalb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
date: Thu, 07 May 2026 19:45:15 GMT
x-decorator-operation: 0
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: ycalb
x-runtime: 0

POST
H2 200 async
api.mindbox.ru/v3/js/operations/ 0
539 B 437ms
436ms Ping
text/plain 84.252.130.113
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://api.mindbox.ru/v3/js/operations/async?version=1.0.791&transport=beacon&operation=Online.VisitPromoLevelTravel&originDomain=promo.level.travel&trackerName=mindbox

Requested by

Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=315360000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline'
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-content-type-options: nosniff
expires: -1
access-control-allow-origin: https://promo.level.travel
content-length: 0
date: Thu, 07 May 2026 19:45:14 GMT
x-xss-protection: 1; mode=block
vary: Origin
server: Kestrel
x-frame-options: DENY

GET
H2

200

1 Show response
mc.yandex.com/watch/18706828/
Redirect Chain

https://mc.yandex.com/watch/18706828?wmode=7&page-url=https%3A%2F%2Fpromo.level.travel%2Fwlalert&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22148%22%2C%22Google%20Chrome%22%3Bv%3D%22148%22%2C%22...
https://mc.yandex.com/watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fpromo.level.travel%2Fwlalert&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22148%22%2C%22Google%20Chrome%22%3Bv%3D%22148%22%2C%...

733 B
1 KB

341ms
341ms

Fetch
application/json

77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fpromo.level.travel%2Fwlalert&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22148%22%2C%22Google%20Chrome%22%3Bv%3D%22148%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A148.0.7778.96%0Achl%0A%22Chromium%22%3Bv%3D%22148.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22148.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3Apudvqnsfv62y3npq3237otj0noa8r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2500%3Acn%3A1%3Adp%3A0%3Als%3A258479105649%3Ahid%3A477005060%3Az%3A-420%3Ai%3A20260507124514%3Aet%3A1778183114%3Ac%3A1%3Arn%3A486649196%3Arqn%3A1%3Au%3A1778183114202816919%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3936%3Awv%3A2%3Ads%3A26%2C499%2C432%2C52%2C912%2C0%2C%2C1174%2C4%2C3977%2C3977%2C7%2C3282%3Aco%3A0%3Acpf%3A1%3Ans%3A1778183108919%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1778183115%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D1%8D%D1%82%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%B0%D1%80%D1%82%D0%BD%D0%B5%D1%80%D0%B0%20Level.Travel%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%20%D0%BE%D1%82%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B0&t=clt%281362%29gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842271232%29ti%281%29&redirnss=1

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

3450f0fcac3abac44a3fd4040a4705f49d846e7f304dda34adc4aea2299a2646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer: https://promo.level.travel/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 07-May-2026 19:45:15 GMT
access-control-allow-origin: https://promo.level.travel
content-length: 733
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Thu, 07-May-2026 19:45:15 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/18706828/1?wmode=7&page-url=https%3A%2F%2Fpromo.level.travel%2Fwlalert&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22148%22%2C%22Google%20Chrome%22%3Bv%3D%22148%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A148.0.7778.96%0Achl%0A%22Chromium%22%3Bv%3D%22148.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22148.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3Apudvqnsfv62y3npq3237otj0noa8r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2500%3Acn%3A1%3Adp%3A0%3Als%3A258479105649%3Ahid%3A477005060%3Az%3A-420%3Ai%3A20260507124514%3Aet%3A1778183114%3Ac%3A1%3Arn%3A486649196%3Arqn%3A1%3Au%3A1778183114202816919%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3936%3Awv%3A2%3Ads%3A26%2C499%2C432%2C52%2C912%2C0%2C%2C1174%2C4%2C3977%2C3977%2C7%2C3282%3Aco%3A0%3Acpf%3A1%3Ans%3A1778183108919%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1778183115%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D1%8D%D1%82%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%B0%D1%80%D1%82%D0%BD%D0%B5%D1%80%D0%B0%20Level.Travel%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%20%D0%BE%D1%82%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B0&t=clt%281362%29gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842271232%29ti%281%29&redirnss=1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 07-May-2026 19:45:15 GMT
access-control-allow-origin: https://promo.level.travel
x-xss-protection: 1; mode=block
last-modified: Thu, 07-May-2026 19:45:15 GMT

POST
H2 200 track Show response
conversion.lvtv.me/ 48 B
344 B 794ms
367ms Fetch
application/json 158.160.114.16
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://conversion.lvtv.me/track
Requested by: Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/tracker/tracker.js?1778183113014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.114.16 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: /
Resource Hash: 7d2c6e0bf6f41fe4020c4b1253be3ce9f3a1ae7bc67a41cdcbbb48f956cf3bed

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

x-request-id: b9afb547-7d0c-49dd-9676-b57b98509d44
access-control-expose-headers: *, Authorization, X-Authorization
content-encoding: gzip
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://promo.level.travel
content-length: 73
date: Thu, 07 May 2026 19:45:16 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H2

200

sync_cookie_image_finish_secondary
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary?scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&cid=18706828
https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=18706828&redirect_domain=mc.yandex.com&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.g2w9rFt3NN6j1aiI1a4oMGFMkXEj9ijHYg9CMSDH3qP8k...
https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=18706828&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.kS9gxB6ucVhdKcwsiyl4MHOEgUjtr90cMI5YzSJ-4xdaxKVirQvEXXHqzFkQzUYonkUpgToEE...
https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=18706828&redirect_domain=mc.yandex.com&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.i1nwOTNKEOCx3HJlZeBaIzDPzcrnCPsM5f3tlPQwHBc_...

43 B
404 B

191ms
190ms

Image
image/gif

77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=18706828&redirect_domain=mc.yandex.com&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.i1nwOTNKEOCx3HJlZeBaIzDPzcrnCPsM5f3tlPQwHBc_NrxQ72yOGx5jzCKyuq_HWewIhK66G8lZkahGalleyYN3q5YCNr5Hc9HdqF2JV0XrJOXldQYp-ZOVmmfiKCexMUpzwoL7Iimlue-PVtFFhTumpkT_PcUWpbkMZNR13qGiKEwN4jjNCfllUTPSPkJBbvCIHbJDmpJsu_A2FmlkZA%2C%2C.FAMShT5BtH2QvhCUhTH9ag6Ro1s%2C

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer: https://promo.level.travel/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
location: https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=18706828&redirect_domain=mc.yandex.com&scid=ebd87ab0-1694-4a7e-8ec3-d6097dd737b9&token=11024.i1nwOTNKEOCx3HJlZeBaIzDPzcrnCPsM5f3tlPQwHBc_NrxQ72yOGx5jzCKyuq_HWewIhK66G8lZkahGalleyYN3q5YCNr5Hc9HdqF2JV0XrJOXldQYp-ZOVmmfiKCexMUpzwoL7Iimlue-PVtFFhTumpkT_PcUWpbkMZNR13qGiKEwN4jjNCfllUTPSPkJBbvCIHbJDmpJsu_A2FmlkZA%2C%2C.FAMShT5BtH2QvhCUhTH9ag6Ro1s%2C

GET
H2 200 tag_phono.js Show response
mc.yandex.com/metrika/ 55 KB
13 KB 224ms
223ms Script
application/javascript 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/metrika/tag_phono.js

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

6445ef7be8df3ee9e4c463b9f6df9f54b4433bb9e9b6fdc773f76f22e9e9553f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "69fb5b46-343c"
expires: Thu, 07 May 2026 20:45:16 GMT
access-control-allow-origin: *
content-length: 13372
date: Thu, 07 May 2026 19:45:16 GMT
last-modified: Wed, 06 May 2026 15:16:22 GMT
content-type: application/javascript

GET
H2 404 leveltravelwebsite.json Show response
web-static.mindbox.ru/personalization/byendpoint/ 225 B
501 B 316ms
304ms XHR
text/html 188.72.103.3
YACLOUDCDN Yandex...

General

Check archive.org

Download Go to

Full URL: https://web-static.mindbox.ru/personalization/byendpoint/leveltravelwebsite.json?_=5927277
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e455fc01bf8f4df8540513fa00357c4f7fe3e87b1d7a1d9aa05384069ee9e566

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-request-id: 8051d4cd4933ec81
timing-allow-origin: *
x-amz-request-id: 8051d4cd4933ec81
access-control-allow-origin: *
content-length: 225
date: Thu, 07 May 2026 19:45:18 GMT
cache-status: MISS
content-type: text/html; charset=utf-8
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
cache-host: yccdn-rndttk-1.yccdn.cloud.yandex.net

GET
H2 200 leveltravelwebsite.json Show response
web-static.mindbox.ru/quizzes/byendpoint/ 15 B
404 B 321ms
319ms XHR
application/javascript 188.72.103.3
YACLOUDCDN Yandex...

General

Check archive.org

Download Go to

Full URL: https://web-static.mindbox.ru/quizzes/byendpoint/leveltravelwebsite.json?_=5927277
Requested by: Host: promo.level.travel
URL: https://promo.level.travel/wlalert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e94ff7a7cb320a790942e171d846b5ddc4961c0dd0d4483fde35c70fabd88dd8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://promo.level.travel/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-host: yccdn-rndttk-1.yccdn.cloud.yandex.net
x-request-id: 91be5282f95bb389
cache-control: public,max-age=600
timing-allow-origin: *
etag: "05a148f2c0f535dbec6e121d2aaaed73"
x-amz-request-id: 91be5282f95bb389
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15
date: Thu, 07 May 2026 19:45:18 GMT
cache-status: MISS
content-type: application/javascript
last-modified: Thu, 07 May 2026 12:47:37 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

Verdicts & Comments Add Verdict or Comment

262 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mkb.level.travel/	1969-12-31 23:59:59	Name: cversion Value: 40
.level.travel/	1970-01-21 23:32:23	Name: uuid Value: 7db63fbd-24cc-4c97-8250-a6a9d2f49878
.level.travel/	1970-01-21 13:56:24	Name: __ddg9_ Value: 139.28.218.137
.level.travel/	1970-01-21 22:41:59	Name: __ddg1_ Value: VFMmror8Atq46nPe9EzL
.yandex.ru/	1970-01-21 23:32:23	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjE0OCIsICJHb29nbGUgQ2hyb21lIjt2PSIxNDgiLCAiTm90LUEuQnJhbmQiO3Y9IjI0IioCPzA6ByJMaW51eCJgydfzzwZqGdzK6YgO8qy3pQv7+vDnDev//fYP06DOhwg=
promo.level.travel/	1970-01-21 16:05:59	Name: tildauid Value: 1778183114186.188204
promo.level.travel/	1970-01-21 13:56:24	Name: tildasid Value: 1778183114186.901941
.level.travel/	1970-01-21 22:41:59	Name: _ym_uid Value: 1778183114202816919
.level.travel/	1970-01-21 22:41:59	Name: _ym_d Value: 1778183114
.level.travel/	1970-01-21 13:57:35	Name: _ym_isad Value: 2
promo.level.travel/	1970-01-21 21:55:54	Name: flocktory-uuid Value: 66543763-70b1-4a92-a103-87a59ea1a238-5
promo.level.travel/	1970-01-21 13:56:24	Name: previousUrl Value: promo.level.travel%2Fwlalert
.mc.yandex.com/	1970-01-21 13:56:23	Name: sync_cookie_csrf Value: 273962476fake
.flocktory.com/	1970-01-21 23:32:23	Name: __flocktory-web_session2 Value: 163f26b4-eed3-4f2d-840efe868d0a3f70
.mc.yandex.ru/	1970-01-21 13:56:23	Name: sync_cookie_csrf Value: 2311190421fake
api.mindbox.ru/	1970-01-21 23:32:23	Name: deviceUUID Value: 84cd3aa2-94ec-4965-b8ea-5cf75e344e54
.level.travel/	1970-01-21 23:32:23	Name: mindboxDeviceUUID Value: 84cd3aa2-94ec-4965-b8ea-5cf75e344e54
.level.travel/	1970-01-21 23:32:23	Name: directCrm-session Value: %7B%22deviceGuid%22%3A%2284cd3aa2-94ec-4965-b8ea-5cf75e344e54%22%7D
.level.travel/	1970-01-21 13:56:24	Name: __ddg8_ Value: o0nTKYAV5d4Mt5jM
.level.travel/	1970-01-21 13:56:24	Name: __ddg10_ Value: 1778183114
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 94420791778183115
.yandex.com/	1970-01-21 23:32:23	Name: i Value: Gz3J1dcm2oN4UqhlOuUY9D+QXb8QnL0RbOEa5JePbaZuMAQC73ukV1m2UXXIjluSTnbmX5qzRNbsYfJqtruwCyrEbHk=
.yandex.com/	1970-01-21 23:32:23	Name: yandexuid Value: 959166681778183115
.yandex.com/	1970-01-21 23:32:23	Name: yuidss Value: 959166681778183115
.yandex.com/	1970-01-21 22:41:59	Name: ymex Value: 2093543115.yrts.1778183115#2093543115.yrtsi.1778183115
.yandex.com/	1970-01-21 22:41:59	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 23:32:23	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjE0OCIsICJHb29nbGUgQ2hyb21lIjt2PSIxNDgiLCAiTm90LUEuQnJhbmQiO3Y9IjI0IhoDeDg2Ig0xNDguMC43Nzc4Ljk2KgI/MDoHIkxpbnV4IkoCNjRSUSJDaHJvbWl1bSI7dj0iMTQ4LjAuMC4wIiwiR29vZ2xlIENocm9tZSI7dj0iMTQ4LjAuMC4wIiwiTm90LUEuQnJhbmQiO3Y9IjI0LjAuMC4wImDL1/PPBmoZ3MrpiA7yrLelC/v68OcN6//99g/ToM6HCA==
.mc.yandex.com/	1970-01-21 13:56:23	Name: sync_cookie_csrf_secondary Value: 3478901617fake
.mc.yandex.ru/	1970-01-21 13:56:23	Name: sync_cookie_csrf_secondary Value: 3484424962fake
.mc.yandex.com/	1970-01-21 13:57:49	Name: sync_cookie_ok_secondary Value: synced
.yandex.ru/	1970-01-21 23:32:23	Name: yandexuid Value: 959166681778183115
.yandex.ru/	1970-01-21 23:32:23	Name: yuidss Value: 959166681778183115
.yandex.ru/	1970-01-21 23:32:23	Name: i Value: Gz3J1dcm2oN4UqhlOuUY9D+QXb8QnL0RbOEa5JePbaZuMAQC73ukV1m2UXXIjluSTnbmX5qzRNbsYfJqtruwCyrEbHk=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://web-static.mindbox.ru/personalization/byendpoint/leveltravelwebsite.json?_=5927277 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


api.flocktory.com
api.mindbox.ru
cdn.yc.level.travel
conversion.lvtv.me
jsapi.cdn.level.travel
mc.yandex.com
mc.yandex.ru
mkb.level.travel
neo.tildacdn.com
promo.level.travel
stat.tildaapi.com
static.tildacdn.com
web-static-no-content.g.mindbox.ru
web-static.mindbox.ru
ws.tildacdn.com
www.googletagmanager.com
142.251.16.97
158.160.114.16
158.160.126.5
158.160.187.127
178.248.236.28
185.129.100.115
185.215.4.24
188.72.103.3
194.48.203.181
5.101.37.37
51.250.120.164
77.88.21.119
84.201.180.164
84.252.130.113
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03da2860a3317cd603b0b4fd30faeb15d047e9eaa7ade74348a42794bc70c7c6
0b5f664c528f466606c93195975f671fc46c3a9c10fee54426c2cd1cf89b1fec
1037a7139f587c92ff1692bfa4d610e3eea764bc08f1f2459a777fd298bfa203
250674d5cb56f209babf83af77d06d15a5126f0a5648296624a500b9a45732ae
27239a1c04bfbb1d1b80d31ab0398912765a13f2f9582acfedf5655f1ad1b00e
30299b6ef1aff24831fb728ee4edaf4fc02c8c7dd0806bfa90f3e3ea7fe2bb80
31feca7086e21e1d797501b72e8657f33cc3a7ea95f6b424e339a1f7279dbe4c
32a9efda06a88736da615c6df2ee007d71188e524910d8947f185ebe2ccf5277
3450f0fcac3abac44a3fd4040a4705f49d846e7f304dda34adc4aea2299a2646
34e1ed9fbfddc4e0d218fe8d2e445c1511b3078e3e15a27aa5e1c6916555cbd4
3a1b6fc44b9908c28d6d95ffba2710d1490d222194b86b802ddc901527993763
4367cfe21925829103cb1d8a3e599fde37dcf00e90c8303c904e5db1f5816292
4bed6635c13bc8a37e223083590a0516dfa98a308250e00ccec4f9f3ad64c9df
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59b6729767e80fd8b9e9941a0c9d9681e154d011779e96a821b1846395821f35
5ef75137fa784d916c1731eb5c3700fdadaf7babc8c55a933cb52910249ce576
6445ef7be8df3ee9e4c463b9f6df9f54b4433bb9e9b6fdc773f76f22e9e9553f
68fa6fccd621753e3a2428c6e59e55228a5bd5b764161e6ed246e9e304b369cf
75ec414715a44a973f8ee234d3b2d664786f2fdef1fb1a80ac13fe7e4a770e01
7d2c6e0bf6f41fe4020c4b1253be3ce9f3a1ae7bc67a41cdcbbb48f956cf3bed
8e6566670997fe002df8efbf993e28d77d2e0109e5f2296a0cee9c3644e08974
974ea9f9e9ebb9c6eb73658d2bb73efdfcebea8950558a1a8c106a27b462a815
9893b6b8d8cfbfae8dd580f74ec9536dfd2e1b676173aa4140a21cbb20cab21f
99f4c0703c387fa2acff2231c6cebe700abff6d029d48c0be8bfa73df6513883
a586dc962ee59b8a44d3497a35a4f886adc73c5f177dd61cc8c7cf2abc428858
a6b226baa951e3448609325e2bae6822e25bbf95645cbf2b2e7dffb462c9b2a1
a7eee7c7f15e6f487546deefc71d6707d69226727358d3a9c0faf40fb16392c4
a9d053df135040772d17b87e3677dddb10f0946b9090a15c070e41ac52a535a3
aed4008539ed038a01be3f4ce27ee2727f1839e25e9e33426a37f60a89886c19
b44afa8642bb347c5bf0f865d9f37775ad15ccded5562601720d62ca01ea8e2d
b6ea83e9d1864030c4daabf10a290c82827e562b52f3b3bc5f8bedc861d46165
bc020cfeec69d6106de73c718c4532be7bbc963a2dc8b6d5fe91b470f95fb7dc
bc3c5a403c07feb0ea77666ddd4e9fb6a941c2cc1659549c17e58d6a278ac14e
bdd032ac5ec125be1cb6294c6d1593b8d3ae5709da59e816bcedad3c069c8ab3
c298362a06e9fd860b2499cb642aa7f9f430529f8f7d48e04c492b3840281636
c50b81825ff486e26df30002309b5a4a768ecfaf0d23cc01a71c2b4d74bcfe7f
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c764f6558612179a585b3b4e0f4e952a12142d0b158c5b570160cdf3db82b524
cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c
d19aa4c6788315732c25df46594b18ebe0dacc8c65fa618e6c32c8936643f584
dde19c00156fa9aaf2943c7e85e6f09640a2d546ecacc60435bdb630e4d56837
e24977ccffe4ad30fedd4fad3d4c9afff7c12ac41ff32b1799c889a475f905f3
e30be28d85f8db5566078029d843d227687fd73ccfd6757d37b69b2fc06bf48d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e455fc01bf8f4df8540513fa00357c4f7fe3e87b1d7a1d9aa05384069ee9e566
e94ff7a7cb320a790942e171d846b5ddc4961c0dd0d4483fde35c70fabd88dd8
ec950b2112e31f39f0be799da2b0ed68dc816fa78c24bbeccc3b858111743fb3
f09eebf0283e9793d692c7c12c4ab88073774468310eae55d8ee941103e09b4b
f35e0f24bde9d46f192ff50a00395a10e2f65dac331e9d6a05ee67e8758bf6f3
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
ff9cb81dd5a11745597220a3cd7f37dfda02c4ec1961213f268b5ff215287b25

promo.level.travel 185.215.4.24 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective URL Pivot

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

91 %HTTPS

0 %IPv6

9 Domains

17 Subdomains

12 IPs

4 Countries

632 kBTransfer

1809 kBSize

33 Cookies

17 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promo.level.travel
185.215.4.24 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

57
Requests

91 %
HTTPS

0 %
IPv6

9
Domains

17
Subdomains

12
IPs

4
Countries

632 kB
Transfer

1809 kB
Size

33
Cookies

57 HTTP transactions
0 data transactions