urlscan.io logo urlscan.io
SecurityTrails logo

newyeartrips.ru Open in urlscan Pro
91.236.136.41  Public Scan

Go To Rescan Add Verdict Report
URL: https://newyeartrips.ru/
Submission Tags: phishingrod
Submission: On June 20 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 91.236.136.41, located in Moscow, Russian Federation and belongs to WEBHOST1-AS, RU. The main domain is newyeartrips.ru.
TLS certificate: Issued by R3 on April 13th 2024. Valid for: 3 months.
This is the only time newyeartrips.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 91.236.136.41 44094 (WEBHOST1-AS)
3 104.18.10.207 13335 (CLOUDFLAR...)
2 188.42.198.252 7979 (SERVERS-COM)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:210... 16509 (AMAZON-02)
1 65.9.86.98 16509 (AMAZON-02)
4 2a11:27c0::93 210756 (EDGECENTE...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
28 10
9    91.236.136.41 (Moscow, Russian Federation)

ASN44094 (WEBHOST1-AS, RU)
PTR: s110.webhost1.ru
newyeartrips.ru
3    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
maxcdn.bootstrapcdn.com
2    188.42.198.252 (Luxembourg)

ASN7979 (SERVERS-COM, US)
c26.travelpayouts.com
www.travelpayouts.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2606:4700:10::6816:989 (United States)

ASN13335 (CLOUDFLARENET, US)
api.level.travel
1    2600:9000:2104:0:1f:1dd0:f700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.level.travel
1    65.9.86.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-98.ams1.r.cloudfront.net
static.aviasales.com
4    2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
cdn.yc.level.travel
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
conversion.lvtv.me
Apex Domain
Subdomains		 Transfer
12 level.travel
api.level.travel
cdn.level.travel
cdn.yc.level.travel
579 KB
9 newyeartrips.ru
newyeartrips.ru
700 KB
3 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286
48 KB
2 travelpayouts.com
c26.travelpayouts.com
www.travelpayouts.com — Cisco Umbrella Rank: 183331
19 KB
1 lvtv.me
conversion.lvtv.me
707 B
1 aviasales.com
static.aviasales.com — Cisco Umbrella Rank: 219517
14 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
7 KB
28 7
Domain Requested by
9 newyeartrips.ru newyeartrips.ru
7 api.level.travel 1 redirects newyeartrips.ru
4 cdn.yc.level.travel api.level.travel
cdn.yc.level.travel
2 stackpath.bootstrapcdn.com newyeartrips.ru
1 conversion.lvtv.me cdn.yc.level.travel
1 www.travelpayouts.com newyeartrips.ru
1 static.aviasales.com c26.travelpayouts.com
1 cdn.level.travel newyeartrips.ru
1 cdnjs.cloudflare.com newyeartrips.ru
1 c26.travelpayouts.com newyeartrips.ru
1 maxcdn.bootstrapcdn.com newyeartrips.ru
28 11

This site contains links to these domains. Also see Links.

Domain
www.travelpayouts.com
Subject Issuer Validity Valid
newyeartrips.ru
R3		 2024-04-13 -
2024-07-12		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
travelpayouts.com
R3		 2024-04-21 -
2024-07-20		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
aviasales.com
Amazon RSA 2048 M03		 2023-12-24 -
2025-01-22		 a year crt.sh
level.travel
R3		 2024-05-26 -
2024-08-24		 3 months crt.sh
cdn.yc.level.travel
E1		 2024-05-03 -
2024-08-01		 3 months crt.sh
lvtv.me
E1		 2024-05-05 -
2024-08-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://newyeartrips.ru/
Frame ID: B70658F77FE8FF161858846B90BBEA8C
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Туры на Новый год 2019

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

96 %
HTTPS

44 %
IPv6

7
Domains

11
Subdomains

10
IPs

4
Countries

1380 kB
Transfer

3106 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://api.level.travel/js/5.0/open_api.js HTTP 301
  • https://cdn.level.travel/5.0/open_api.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newyeartrips.ru/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx / MODX Revolution
Resource Hash
571a68696bd0f1155a3f6f8f3f9ca2a1ac2dbe864b4a1cacab504d7eef89ba29

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 20 Jun 2024 10:04:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
MODX Revolution
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9b28efb047454cc3f93ff8232c0e41ed
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
896aefa90fde3656-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1093700
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
bb792bb28d99edb841becb492f8c9e34
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
896aefa90f208ec5-FRA
cdn-requestpullsuccess
True
style.css
newyeartrips.ru/assets/css/ 		108 B
275 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/css/style.css?v=0.001
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
b425aaa5d2a34c7160d4a4747f0584aca7b64150d4037bf329cad149b1560f14

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
gzip
last-modified
Sat, 24 Mar 2018 19:26:39 GMT
server
nginx
etag
W/"5ab6a66f-6c"
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1-qsrocb.jpg
newyeartrips.ru/assets/images/assets/images/fast_img/1/ 		10 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/assets/images/fast_img/1/1-qsrocb.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx / MODX Revolution
Resource Hash
28877032b98dc9ec74467f05fc5cb4a72a3273f76fbf30ddb47cbe9ebd64ad69

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 10:04:43 GMT
content-encoding
gzip
server
nginx
x-powered-by
MODX Revolution
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
nwtour1_1.jpg
newyeartrips.ru/assets/images/assets/uploads/ 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/assets/uploads/nwtour1_1.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
d9f27ecb2df892c8389631b5a6493dc3129f11fbc8454e4fe17ff37590a12240

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
last-modified
Tue, 23 Oct 2018 06:13:19 GMT
server
nginx
etag
"5bcebbff-36d0e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
224526
expires
Thu, 31 Dec 2037 23:55:55 GMT
content
c26.travelpayouts.com/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c26.travelpayouts.com/content?promo_id=1150&shmarker=26226
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
301c31d730d021a73ab72033f202ad8e320520bef35fd540404a2ee9df9bc91f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0
timing-allow-origin
*
x-promo-id
1150
x-robots-tag
noindex
x-request-id
316e6ce5c612dac0065b95b81ca73f80
nwtour2.jpg
newyeartrips.ru/assets/images/assets/uploads/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/assets/uploads/nwtour2.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
d312ac44899a5b5f3d087e0fad467b60989076539be4740afb6375efa1ba85d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
last-modified
Tue, 16 Oct 2018 17:09:04 GMT
server
nginx
etag
"5bc61b30-2ade7"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
175591
expires
Thu, 31 Dec 2037 23:55:55 GMT
734-u6v2ib.jpg
newyeartrips.ru/assets/images/fast_img/734/ 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/fast_img/734/734-u6v2ib.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
a6920cfbb6fa93a641b4821cd8dd2f0165a1e65fdcfc8c13822c73a447a44b87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
last-modified
Mon, 05 Nov 2018 06:49:11 GMT
server
nginx
etag
"5bdfe7e7-33d2e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
212270
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.3.1.min.js
newyeartrips.ru/assets/js/ 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
gzip
last-modified
Wed, 07 Mar 2018 20:06:16 GMT
server
nginx
etag
W/"5aa04638-1538f"
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1094478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3trrgX49gDUCMSsZJooY3XWke25kmE4L6YiIhav96PJYCdBmUQ%2BoUFYBbtv6ZtxBIKmv%2FzoebRPdufzzFirTfdStzfZE54kUcjJ1xPJngjqQIJT9BFCXf8AHiperOjhPs3K7W3U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
896aefa96924976a-FRA
expires
Tue, 10 Jun 2025 10:04:41 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:13:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a24f9f35006796fedfcb2c4afe1e07c8
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
896aefa90fd73656-FRA
cdn-requestpullsuccess
True
script.js
newyeartrips.ru/assets/js/ 		146 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/js/script.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
a56e0040c040bb2ce5b1d64d14ba1873104ad3eebd5e09d3e6954cfcb514d26d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
content-encoding
gzip
last-modified
Wed, 07 Mar 2018 20:59:50 GMT
server
nginx
etag
W/"5aa052c6-92"
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
open_api.js
cdn.level.travel/5.0/
Redirect Chain
  • https://api.level.travel/js/5.0/open_api.js
  • https://cdn.level.travel/5.0/open_api.js
2 MB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.level.travel/5.0/open_api.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Server
2600:9000:2104:0:1f:1dd0:f700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b5d42a173daf57cdd8f1be562ea25b4ebb42753a2d755dc5f0d70ea04249487

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newyeartrips.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 10:00:56 GMT
content-encoding
gzip
via
1.1 cc03ea6a31b592e93e84115778cdc494.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 12:51:28 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
367
x-amz-server-side-encryption
AES256
etag
W/"b954be18d8b90cf6a545d73fbc5fb951"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-id
W_w8qm2CQraSeHEMPXfMRqzTA87lgngz6oLFO65sNkwrIoqCFSjwVQ==

Redirect headers

location
https://cdn.level.travel/5.0/open_api.js
date
Thu, 20 Jun 2024 10:04:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
896aefaa895592b3-FRA
content-type
text/html
sp.js
static.aviasales.com/snowplow/19.20.1/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.aviasales.com/snowplow/19.20.1/sp.js
Requested by
Host: c26.travelpayouts.com
URL: https://c26.travelpayouts.com/content?promo_id=1150&shmarker=26226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-98.ams1.r.cloudfront.net
Software
/
Resource Hash
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jul 2023 23:36:42 GMT
content-encoding
gzip
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
last-modified
Wed, 03 May 2023 09:21:11 GMT
x-amz-cf-pop
AMS1-C1
age
28463280
etag
W/"56c168eae5c685d285eeaf940c1f21d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
RDVjt14h-LkJsXmA7UKe0QJqQYaFAI6B8MK7LXKh-LA4XLTwmCUe-w==
tp.png
www.travelpayouts.com/powered_by/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelpayouts.com/powered_by/img/tp.png
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:41 GMT
last-modified
Mon, 13 Nov 2023 11:56:56 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
3584
x-request-id
1a7916c4db71bf532326f044f0ee7bf7
info
api.level.travel/partner/ 		250 B
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/partner/info?api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=9986d70e26a7d89a197e8f3944c2f91b
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dad1d7ee0051f6eb5992785940968d7d612eef19cb802d8805ad0509edd34adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:42 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
250
x-xss-protection
1; mode=block
x-request-id
98416c233e382bde2e9f7d10cafabced
x-runtime
0.097670
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"dad1d7ee0051f6eb5992785940968d7d"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
896aefafaea692b3-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
leveltravel.css
cdn.yc.level.travel/5.0/stylesheets/widgets/search_widget/ 		57 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/5.0/stylesheets/widgets/search_widget/leveltravel.css?v=1718877882819
Requested by
Host: api.level.travel
URL: https://api.level.travel/js/5.0/open_api.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
943193352490b5303717c9ccc956fff2c1d9773dac3e0b73be9a90b09653dd60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
via
1.1 4ded1750dc7e0bef188a5520fb9fef28.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ARN56-P1
age
67
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-node
rst-up-gc4
last-modified
Tue, 07 Feb 2023 12:51:28 GMT
server
nginx
etag
W/"38f8614e575ae5c35c07f4d38b96c04e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cache
MISS
x-amz-cf-id
vn5tCsu7g3qGuwc2mTUKIQihYfIiVUtD-iOKaTTYyQONJecHBEkC0Q==
expires
Thu, 20 Jun 2024 14:04:43 GMT
widget_base.css
cdn.yc.level.travel/5.0/stylesheets/ 		40 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css?v=1718877882821
Requested by
Host: api.level.travel
URL: https://api.level.travel/js/5.0/open_api.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
via
1.1 abe7c423e3f506d9a86c5f57fbc5a762.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ARN56-P1
age
226
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-node
rst-up-gc12
last-modified
Tue, 07 Feb 2023 12:51:28 GMT
server
nginx
etag
W/"2d4136f7a37e3b5715315ac93a3bcfea"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cache
MISS
x-amz-cf-id
Yw6ahgqlH63hTaSoZDbvdswMgalG6tv7e128ZNHMUo-wReaBKavUww==
expires
Thu, 20 Jun 2024 14:04:43 GMT
tracker.js
cdn.yc.level.travel/tracker/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/tracker/tracker.js
Requested by
Host: api.level.travel
URL: https://api.level.travel/js/5.0/open_api.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
bc020cfeec69d6106de73c718c4532be7bbc963a2dc8b6d5fe91b470f95fb7dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
via
1.1 09dea2dd1c87c8c74fd1d2996f20ec2c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
OTP50-C1
age
105
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-cached-since
2024-06-20T05:55:31+00:00
x-node
rst-up-gc4
last-modified
Thu, 18 May 2023 13:48:11 GMT
server
nginx
etag
W/"01781ecf4eba9787149f9efe31e28450"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cache
HIT
x-amz-cf-id
Us2XbiKwHKvYqW2LrSMV6QKHccrbYrIrli-hXAkULAg-CqjqXSMWzA==
expires
Thu, 20 Jun 2024 14:04:43 GMT
track
conversion.lvtv.me/ 		48 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://conversion.lvtv.me/track
Requested by
Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/tracker/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba714b2635f0849ff937188882682ee56e072f8f7ab6e235ec1dba3556cd0f80
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
73
x-request-id
6986ef8b15ed5c37244a1cb12719f7ea
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a153a53KYgOSSdAq4y3IwmcHb%2FwlCNn6cc8lQWq93%2BK%2FDfzMcD2INPLW2fXvIgwnpso%2FcW8Wtsv8lWd9sya1kGney81mbR7Ifil5lYRGRAI%2BRE06MF1J1%2Ba02X3KGtlSXVxZ5u9lmPYvxk2S1Aob6J4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
*, Authorization, X-Authorization
access-control-allow-credentials
true
cf-ray
896aefb42a2139d3-FRA
countries
api.level.travel/references/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/countries?api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=c49b4ae93b28033cb35c29e292ad315b
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee88fe39c861671e9dc7cd06d47ad4293bcba9f3839e5b5e0dd41b5f734d893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
4038
x-xss-protection
1; mode=block
x-request-id
80ba236fe79035dc3fbb2c1cf3cc1c28
x-runtime
0.075947
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"aee88fe39c861671e9dc7cd06d47ad42"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
896aefb3db6692b3-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
autocomplete
api.level.travel/references/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/autocomplete?destinations=true&api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=14f3bb93a406fd569ded812dc9d54a08
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ede1898d7b0b2cf5311243e82673202f161414c318db9c0ad9bc8ba23d65a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
2386
x-xss-protection
1; mode=block
x-request-id
977e357bd54aedb7a56a1e4d22d3266d
x-runtime
0.045314
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9ede1898d7b0b2cf5311243e82673202"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
896aefb3db6d92b3-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
departures
api.level.travel/references/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/departures?api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=d110a9b51b7d3f7729c5976e9359fbae
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cc423ba8ec5fcd28f033aed4637c05d11ff11213970a56de5f2a1bb3bca738f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
9826
x-xss-protection
1; mode=block
x-request-id
b5d8260778dd85985771bafdf785d36c
x-runtime
0.019029
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9cc423ba8ec5fcd28f033aed4637c05d"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
896aefb41baf92b3-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
Backpack-Regular.woff2
cdn.yc.level.travel/fonts/backpack/2.004/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/fonts/backpack/2.004/Backpack-Regular.woff2
Requested by
Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css?v=1718877882821
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
fa83df65c1d49b28fe45cbb89379d9bf9ecc9a99457b7ddba7f4ff6b66c0371e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css?v=1718877882821
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
via
1.1 a8de383ae0e22ed372880220fd20b198.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN56-P1
age
42158
x-cache
Hit from cloudfront
x-cached-since
2024-06-20T03:39:16+00:00
content-length
61100
x-node
rst-up-gc8
last-modified
Mon, 05 Sep 2022 10:52:09 GMT
server
nginx
etag
"2615800d72f959f185ef4cff9e106c5c"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
cache
HIT
accept-ranges
bytes
x-amz-cf-id
uDeVpdmZUT65d-WCNLtGa16YzgUzuCTrbfiXnFrfq54ncSkJ90eE5Q==
expires
Thu, 20 Jun 2024 14:04:43 GMT
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d5bb1884c84599d6210dde09b4a37a2abe9e48ea922481f5c2f6f1c3e281418

Request headers

Referer
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/truetype
available_countries
api.level.travel/references/ 		70 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/available_countries?city_from=&api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=9f5661a7f22f5649934f16fe00ec6d9f
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c02232f61e12639a03337399fde7b91a6330d106d3309724c1332e1bdbfb83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
70
x-xss-protection
1; mode=block
x-request-id
07f4fe11724954e24a5ba81e64bc7b4c
x-runtime
0.022783
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1c02232f61e12639a03337399fde7b91"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
896aefb49c7592b3-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
available_countries
api.level.travel/references/ 		250 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/available_countries?city_from=Moscow&api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=2ef3692282297422097b0bcdc55c3ce1
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370c8d11ffd5164e49776cfed364f8ef6c04fd15e9ee223042d07ee5dc8ca187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
250
x-xss-protection
1; mode=block
x-request-id
54f19b03903a199048ceb564e74ff073
x-runtime
0.026545
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"370c8d11ffd5164e49776cfed364f8ef"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
896aefb5fde192b3-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
1-jd9ime.png
newyeartrips.ru/assets/images/fast_img/1/ 		63 KB
63 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/images/fast_img/1/1-jd9ime.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
addbab7fb38b3b50c2acbb6270f0f570cbc1bb5cee82e4831efe2e1e307b9a99

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 10:04:44 GMT
last-modified
Mon, 05 Nov 2018 06:26:35 GMT
server
nginx
etag
"5bdfe29b-fbcd"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
64461
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| ref number| len object| script string| src object| matches object| TP_POWERED_BY_SETTINGS object| match object| powered_by_wrapper string| promo_id number| prevIdIndex object| widget_wrapper object| LTApiInit object| TP_POWERED_BY object| GSN function| mamka object| TP_POWERED_BY_DATA function| $ function| jQuery function| Popper object| bootstrap object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| nacl object| pako function| md5 object| LTApi function| HitStorageTracker object| trackerWidget

3 Cookies

Domain/Path Name / Value
.newyeartrips.ru/ Name: PHPSESSID
Value: 2d8a96d6fef374ea19b2f1b51593eaa1
.newyeartrips.ru/ Name: _sp_ses.edc0
Value: *
.newyeartrips.ru/ Name: _sp_id.edc0
Value: 42db514d-0aef-46a3-b51d-3c27ce9f14c0.1718877882.1.1718877882.1718877882.ce77f857-8a72-44d1-ba95-ff969bbdc6fc

1 Console Messages

Source Level URL
Text
network error URL: https://newyeartrips.ru/assets/images/assets/images/fast_img/1/1-qsrocb.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.level.travel
c26.travelpayouts.com
cdn.level.travel
cdn.yc.level.travel
cdnjs.cloudflare.com
conversion.lvtv.me
maxcdn.bootstrapcdn.com
newyeartrips.ru
stackpath.bootstrapcdn.com
static.aviasales.com
www.travelpayouts.com
104.17.24.14
104.18.10.207
188.42.198.252
2600:9000:2104:0:1f:1dd0:f700:93a1
2606:4700:10::6816:989
2a06:98c1:3120::3
2a11:27c0::93
65.9.86.98
91.236.136.41
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c02232f61e12639a03337399fde7b91a6330d106d3309724c1332e1bdbfb83c
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905
28877032b98dc9ec74467f05fc5cb4a72a3273f76fbf30ddb47cbe9ebd64ad69
2b5d42a173daf57cdd8f1be562ea25b4ebb42753a2d755dc5f0d70ea04249487
301c31d730d021a73ab72033f202ad8e320520bef35fd540404a2ee9df9bc91f
370c8d11ffd5164e49776cfed364f8ef6c04fd15e9ee223042d07ee5dc8ca187
3d5bb1884c84599d6210dde09b4a37a2abe9e48ea922481f5c2f6f1c3e281418
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
571a68696bd0f1155a3f6f8f3f9ca2a1ac2dbe864b4a1cacab504d7eef89ba29
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
943193352490b5303717c9ccc956fff2c1d9773dac3e0b73be9a90b09653dd60
9cc423ba8ec5fcd28f033aed4637c05d11ff11213970a56de5f2a1bb3bca738f
9ede1898d7b0b2cf5311243e82673202f161414c318db9c0ad9bc8ba23d65a4b
a56e0040c040bb2ce5b1d64d14ba1873104ad3eebd5e09d3e6954cfcb514d26d
a6920cfbb6fa93a641b4821cd8dd2f0165a1e65fdcfc8c13822c73a447a44b87
addbab7fb38b3b50c2acbb6270f0f570cbc1bb5cee82e4831efe2e1e307b9a99
aee88fe39c861671e9dc7cd06d47ad4293bcba9f3839e5b5e0dd41b5f734d893
b425aaa5d2a34c7160d4a4747f0584aca7b64150d4037bf329cad149b1560f14
ba714b2635f0849ff937188882682ee56e072f8f7ab6e235ec1dba3556cd0f80
bc020cfeec69d6106de73c718c4532be7bbc963a2dc8b6d5fe91b470f95fb7dc
d312ac44899a5b5f3d087e0fad467b60989076539be4740afb6375efa1ba85d0
d9f27ecb2df892c8389631b5a6493dc3129f11fbc8454e4fe17ff37590a12240
dad1d7ee0051f6eb5992785940968d7d612eef19cb802d8805ad0509edd34adc
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fa83df65c1d49b28fe45cbb89379d9bf9ecc9a99457b7ddba7f4ff6b66c0371e
ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30