urlscan.io logo urlscan.io
SecurityTrails logo

newyeartrips.ru Open in urlscan Pro
91.236.136.41  Public Scan

Go To Rescan Add Verdict Report
URL: https://newyeartrips.ru/
Submission Tags: phishingrod
Submission: On April 13 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 91.236.136.41, located in Moscow, Russian Federation and belongs to WEBHOST1-AS, RU. The main domain is newyeartrips.ru.
TLS certificate: Issued by R3 on February 5th 2024. Valid for: 3 months.
This is the only time newyeartrips.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 91.236.136.41 44094 (WEBHOST1-AS)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.255.224.36 7979 (SERVERS-COM)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 18.66.112.2 16509 (AMAZON-02)
4 2a11:27c0::93 210756 (EDGECENTE...)
1 188.114.96.3 13335 (CLOUDFLAR...)
28 11
9    91.236.136.41 (Moscow, Russian Federation)

ASN44094 (WEBHOST1-AS, RU)
PTR: s110.webhost1.ru
newyeartrips.ru
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    172.255.224.36 (Netherlands)

ASN7979 (SERVERS-COM, US)
c26.travelpayouts.com
www.travelpayouts.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2606:4700:10::6816:989 (United States)

ASN13335 (CLOUDFLARENET, US)
api.level.travel
1    2600:9000:20eb:5200:1f:1dd0:f700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.level.travel
1    18.66.112.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-2.fra56.r.cloudfront.net
static.aviasales.com
4    2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
cdn.yc.level.travel
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
conversion.lvtv.me
Apex Domain
Subdomains		 Transfer
12 level.travel
api.level.travel
cdn.level.travel
cdn.yc.level.travel
580 KB
9 newyeartrips.ru
newyeartrips.ru
700 KB
3 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3025
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1153
48 KB
2 travelpayouts.com
c26.travelpayouts.com
www.travelpayouts.com — Cisco Umbrella Rank: 171020
20 KB
1 lvtv.me
conversion.lvtv.me
660 B
1 aviasales.com
static.aviasales.com — Cisco Umbrella Rank: 206322
14 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 239
7 KB
28 7
Domain Requested by
9 newyeartrips.ru newyeartrips.ru
7 api.level.travel 1 redirects newyeartrips.ru
4 cdn.yc.level.travel api.level.travel
cdn.yc.level.travel
2 stackpath.bootstrapcdn.com newyeartrips.ru
1 conversion.lvtv.me cdn.yc.level.travel
1 www.travelpayouts.com newyeartrips.ru
1 static.aviasales.com c26.travelpayouts.com
1 cdn.level.travel newyeartrips.ru
1 cdnjs.cloudflare.com newyeartrips.ru
1 c26.travelpayouts.com newyeartrips.ru
1 maxcdn.bootstrapcdn.com newyeartrips.ru
28 11

This site contains links to these domains. Also see Links.

Domain
www.travelpayouts.com
Subject Issuer Validity Valid
newyeartrips.ru
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
travelpayouts.com
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
aviasales.com
Amazon RSA 2048 M03		 2023-12-24 -
2025-01-22		 a year crt.sh
level.travel
R3		 2024-03-07 -
2024-06-05		 3 months crt.sh
cdn.yc.level.travel
R3		 2024-03-04 -
2024-06-02		 3 months crt.sh
lvtv.me
E1		 2024-03-07 -
2024-06-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://newyeartrips.ru/
Frame ID: E1F4766CEFEBF53FFDF2C710DB4BB609
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Туры на Новый год 2019

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

96 %
HTTPS

40 %
IPv6

7
Domains

11
Subdomains

11
IPs

4
Countries

1380 kB
Transfer

3106 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://api.level.travel/js/5.0/open_api.js HTTP 301
  • https://cdn.level.travel/5.0/open_api.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newyeartrips.ru/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx / MODX Revolution
Resource Hash
c468cb06fc73f59625b6dece2a7595fd5e062a3b8dbfc3f5ebffa2a457245812

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 11:50:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
MODX Revolution
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a54f6adb70329921e51416230f2b2c55
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
873b3d90f8c92c1e-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1913718
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5e4d53437a90cba0ca0545e9504ae32b
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
873b3d90e9e992ab-FRA
cdn-requestpullsuccess
True
style.css
newyeartrips.ru/assets/css/ 		108 B
275 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/css/style.css?v=0.001
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
b425aaa5d2a34c7160d4a4747f0584aca7b64150d4037bf329cad149b1560f14

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
gzip
last-modified
Sat, 24 Mar 2018 19:26:39 GMT
server
nginx
etag
W/"5ab6a66f-6c"
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1-qsrocb.jpg
newyeartrips.ru/assets/images/assets/images/fast_img/1/ 		10 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/assets/images/fast_img/1/1-qsrocb.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx / MODX Revolution
Resource Hash
28877032b98dc9ec74467f05fc5cb4a72a3273f76fbf30ddb47cbe9ebd64ad69

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 11:50:48 GMT
content-encoding
gzip
server
nginx
x-powered-by
MODX Revolution
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
nwtour1_1.jpg
newyeartrips.ru/assets/images/assets/uploads/ 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/assets/uploads/nwtour1_1.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
d9f27ecb2df892c8389631b5a6493dc3129f11fbc8454e4fe17ff37590a12240

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
last-modified
Tue, 23 Oct 2018 06:13:19 GMT
server
nginx
etag
"5bcebbff-36d0e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
224526
expires
Thu, 31 Dec 2037 23:55:55 GMT
content
c26.travelpayouts.com/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c26.travelpayouts.com/content?promo_id=1150&shmarker=26226
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
f0cdd37fe2a4bd58e69629ff677792c1d9823f61843559159d2bff293604cf43

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0
timing-allow-origin
*
x-promo-id
1150
x-robots-tag
noindex
x-request-id
ec1030d29fc5ef49c265c2f83953c5f0
nwtour2.jpg
newyeartrips.ru/assets/images/assets/uploads/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/assets/uploads/nwtour2.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
d312ac44899a5b5f3d087e0fad467b60989076539be4740afb6375efa1ba85d0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
last-modified
Tue, 16 Oct 2018 17:09:04 GMT
server
nginx
etag
"5bc61b30-2ade7"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
175591
expires
Thu, 31 Dec 2037 23:55:55 GMT
734-u6v2ib.jpg
newyeartrips.ru/assets/images/fast_img/734/ 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyeartrips.ru/assets/images/fast_img/734/734-u6v2ib.jpg
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
a6920cfbb6fa93a641b4821cd8dd2f0165a1e65fdcfc8c13822c73a447a44b87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
last-modified
Mon, 05 Nov 2018 06:49:11 GMT
server
nginx
etag
"5bdfe7e7-33d2e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
212270
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.3.1.min.js
newyeartrips.ru/assets/js/ 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
gzip
last-modified
Wed, 07 Mar 2018 20:06:16 GMT
server
nginx
etag
W/"5aa04638-1538f"
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1363695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJNkj%2FWZtiV%2BBGsKVPhlvUPc7U6bzbf3e0FtB2KF6l7jEd7ONwiORL01gdk53ttjDbMfr8fLnYylAbN61T5F6nIickeaXnZ4EqLZMp5AXcgLz%2FqwXW53EtdiSMCCK2M3yK3j4wum"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
873b3d910a13997b-FRA
expires
Thu, 03 Apr 2025 11:50:47 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:13:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c94e1471b25523cc020662a42e656253
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
873b3d90f8c62c1e-FRA
cdn-requestpullsuccess
True
script.js
newyeartrips.ru/assets/js/ 		146 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/js/script.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
a56e0040c040bb2ce5b1d64d14ba1873104ad3eebd5e09d3e6954cfcb514d26d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
content-encoding
gzip
last-modified
Wed, 07 Mar 2018 20:59:50 GMT
server
nginx
etag
W/"5aa052c6-92"
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
open_api.js
cdn.level.travel/5.0/
Redirect Chain
  • https://api.level.travel/js/5.0/open_api.js
  • https://cdn.level.travel/5.0/open_api.js
2 MB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.level.travel/5.0/open_api.js
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Server
2600:9000:20eb:5200:1f:1dd0:f700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b5d42a173daf57cdd8f1be562ea25b4ebb42753a2d755dc5f0d70ea04249487

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newyeartrips.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 11:48:19 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 12:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
165
x-amz-server-side-encryption
AES256
etag
W/"b954be18d8b90cf6a545d73fbc5fb951"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-id
3d16xsJP-W_9JSAmbreVb0HaxrcL7Pxjo3vmAfprDExRj-IyZ-h3QQ==

Redirect headers

location
https://cdn.level.travel/5.0/open_api.js
date
Sat, 13 Apr 2024 11:50:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
873b3d91c8b24db4-FRA
content-type
text/html
sp.js
static.aviasales.com/snowplow/19.20.1/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.aviasales.com/snowplow/19.20.1/sp.js
Requested by
Host: c26.travelpayouts.com
URL: https://c26.travelpayouts.com/content?promo_id=1150&shmarker=26226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-2.fra56.r.cloudfront.net
Software
/
Resource Hash
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Jan 2024 01:29:02 GMT
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 07:57:47 GMT
x-amz-cf-pop
FRA56-P5
age
8245305
etag
W/"56c168eae5c685d285eeaf940c1f21d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
d4DaE6Jp-j7aq2_4AY_oEOa0RLYp4elKKzWBYO2x_baxTqsmqOZL3Q==
tp.png
www.travelpayouts.com/powered_by/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelpayouts.com/powered_by/img/tp.png
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
last-modified
Mon, 13 Nov 2023 11:56:56 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
3584
x-request-id
f3c79ffb7be3dfaa7ab0f72017407e18
info
api.level.travel/partner/ 		250 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/partner/info?api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=9986d70e26a7d89a197e8f3944c2f91b
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7409c647a5c89a150219beae28a0179ab1b97d516a41ee3d35d8ae30a964b21e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
250
x-xss-protection
1; mode=block
x-request-id
fee61119b21cb444be3f11d61140f637
x-runtime
0.077329
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7409c647a5c89a150219beae28a0179a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
873b3d934a234db4-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
leveltravel.css
cdn.yc.level.travel/5.0/stylesheets/widgets/search_widget/ 		57 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/5.0/stylesheets/widgets/search_widget/leveltravel.css?v=1713009047560
Requested by
Host: api.level.travel
URL: https://api.level.travel/js/5.0/open_api.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
943193352490b5303717c9ccc956fff2c1d9773dac3e0b73be9a90b09653dd60

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
via
1.1 ec7c49e0bdff8d2da026b54143deeec2.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HEL51-P3
age
194
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-node
k12-up-gc14
last-modified
Tue, 07 Feb 2023 12:51:28 GMT
server
nginx
etag
W/"38f8614e575ae5c35c07f4d38b96c04e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cache
MISS
x-amz-cf-id
9I4Fkl9TOZUfJU79iUm09AgPcKancE0h4F21K_Qqi76sRAJlqN6ltg==
expires
Sat, 13 Apr 2024 15:50:47 GMT
widget_base.css
cdn.yc.level.travel/5.0/stylesheets/ 		40 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css?v=1713009047560
Requested by
Host: api.level.travel
URL: https://api.level.travel/js/5.0/open_api.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
via
1.1 3d5ba84de3473d9c2f73bbc0b77be730.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HEL51-P3
age
152
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-node
k12-up-gc17
last-modified
Tue, 07 Feb 2023 12:51:28 GMT
server
nginx
etag
W/"2d4136f7a37e3b5715315ac93a3bcfea"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cache
MISS
x-amz-cf-id
MuritTrXlPZXmKwjiD4b4j-PW1VHZazlZvQYyJB6l0jXHiec4Oc4jA==
expires
Sat, 13 Apr 2024 15:50:47 GMT
tracker.js
cdn.yc.level.travel/tracker/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/tracker/tracker.js
Requested by
Host: api.level.travel
URL: https://api.level.travel/js/5.0/open_api.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
bc020cfeec69d6106de73c718c4532be7bbc963a2dc8b6d5fe91b470f95fb7dc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
via
1.1 17b95fd669f8de6a2489250110d40b3e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HEL51-P3
age
258
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-cached-since
2024-04-09T12:56:31+00:00
x-node
k12-up-gc12
last-modified
Thu, 18 May 2023 13:48:11 GMT
server
nginx
etag
W/"01781ecf4eba9787149f9efe31e28450"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cache
HIT
x-amz-cf-id
KpY9M-C9qNjjEkK22jSctJCKtkVorbENDyaPzeAIh146N0caUMXD1w==
expires
Sat, 13 Apr 2024 15:50:47 GMT
track
conversion.lvtv.me/ 		48 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://conversion.lvtv.me/track
Requested by
Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/tracker/tracker.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
decd365cf58788f73d7a464567e46852f84261b13558a741b15e0cc175b4d80d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Apr 2024 11:50:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-request-id
d20fce2583045a424588c1692aaff199
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpO9%2FELml2TnV5KrWi2Y%2FDke40%2F61n7zwnciSSv3xWqvFWAenSEwf3Z98bJlQDT3q3PJgM3BEGh9wQ0bEwMsAiJPhFY4d9U4OczDqYQgix6bHLvW2fpuQyehvKvq42dxT8FY51s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
*, Authorization, X-Authorization
access-control-allow-credentials
true
cf-ray
873b3d958e0271d0-FRA
countries
api.level.travel/references/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/countries?api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=c49b4ae93b28033cb35c29e292ad315b
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7fed10f99de0fb501d8062f0a2534fc0e554e72632b7e41efdf92899da9f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
4038
x-xss-protection
1; mode=block
x-request-id
e1d5e6fc22066197f0d8b9fda9e19f50
x-runtime
0.017607
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fd7fed10f99de0fb501d8062f0a2534f"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
873b3d956c934db4-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
autocomplete
api.level.travel/references/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/autocomplete?destinations=true&api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=14f3bb93a406fd569ded812dc9d54a08
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ce5baf465a979396a0dd186d112a9654c1c532a08afe9246b6528249db4f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
2338
x-xss-protection
1; mode=block
x-request-id
225bcc829d0f792513dbb58b087d7911
x-runtime
0.121759
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"31ce5baf465a979396a0dd186d112a96"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
873b3d956c964db4-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
departures
api.level.travel/references/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/departures?api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=d110a9b51b7d3f7729c5976e9359fbae
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175fa9452351b95c024b97d371dbe8ac1aff6251e975002d1060e4d475aa1778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
9826
x-xss-protection
1; mode=block
x-request-id
abfcb9034328b889460229e7be4f2126
x-runtime
0.022284
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"175fa9452351b95c024b97d371dbe8ac"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
873b3d957ca94db4-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
Backpack-Regular.woff2
cdn.yc.level.travel/fonts/backpack/2.004/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.yc.level.travel/fonts/backpack/2.004/Backpack-Regular.woff2
Requested by
Host: cdn.yc.level.travel
URL: https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css?v=1713009047560
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
fa83df65c1d49b28fe45cbb89379d9bf9ecc9a99457b7ddba7f4ff6b66c0371e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn.yc.level.travel/5.0/stylesheets/widget_base.css?v=1713009047560
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:48 GMT
via
1.1 96f166bd4fe3e2e4ce9b6362848307be.cloudfront.net (CloudFront)
x-amz-cf-pop
HEL51-P3
x-cache
Miss from cloudfront
x-cached-since
2024-04-11T07:29:11+00:00
x-node
m9-up-gc90
content-length
61100
last-modified
Mon, 05 Sep 2022 10:52:09 GMT
server
nginx
etag
"2615800d72f959f185ef4cff9e106c5c"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
cache
HIT
accept-ranges
bytes
x-amz-cf-id
7zCCCm9261Zdqjzy6srKZttF9VQuHQ-9UbcND1T31IfbcIh_IG_R5g==
expires
Sat, 13 Apr 2024 15:50:48 GMT
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d5bb1884c84599d6210dde09b4a37a2abe9e48ea922481f5c2f6f1c3e281418

Request headers

Referer
Origin
https://newyeartrips.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
font/truetype
available_countries
api.level.travel/references/ 		70 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/available_countries?city_from=&api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=9f5661a7f22f5649934f16fe00ec6d9f
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bf3287643a905b7cbe2ab4a93c40ef7dc2496e879a0a24c847a198f903f0e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
70
x-xss-protection
1; mode=block
x-request-id
03d354bbcd82b20880eecc213538a3f6
x-runtime
0.014600
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"90bf3287643a905b7cbe2ab4a93c40ef"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
873b3d959cbd4db4-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
available_countries
api.level.travel/references/ 		250 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.level.travel/references/available_countries?city_from=Moscow&api_version=3&key=7ed89029e820078cdfe4c5d704cca698&js=true&ltev=0.1.4&sign=2ef3692282297422097b0bcdc55c3ce1
Requested by
Host: newyeartrips.ru
URL: https://newyeartrips.ru/assets/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:989 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092e0d102b17c51da1491e1d3a6865db875ad99c32f86f8d86f934d5d5b12c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
text/plain, */*; q=0.01
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-length
250
x-xss-protection
1; mode=block
x-request-id
841e8f141f75b70f5237877f8b70d961
x-runtime
0.116055
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"092e0d102b17c51da1491e1d3a6865db"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1000
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
text/aes; charset=utf-8
access-control-allow-origin
https://newyeartrips.ru
access-control-expose-headers
WWW-Authenticate
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
873b3d963d5c4db4-FRA
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Requested-With, sentry-trace, baggage
1-jd9ime.png
newyeartrips.ru/assets/images/fast_img/1/ 		63 KB
63 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://newyeartrips.ru/assets/images/fast_img/1/1-jd9ime.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.136.41 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s110.webhost1.ru
Software
nginx /
Resource Hash
addbab7fb38b3b50c2acbb6270f0f570cbc1bb5cee82e4831efe2e1e307b9a99

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newyeartrips.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 11:50:48 GMT
last-modified
Mon, 05 Nov 2018 06:26:35 GMT
server
nginx
etag
"5bdfe29b-fbcd"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
64461
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ref number| len object| script string| src object| matches object| TP_POWERED_BY_SETTINGS object| match object| powered_by_wrapper string| promo_id number| prevIdIndex object| widget_wrapper object| LTApiInit object| TP_POWERED_BY object| GSN function| mamka object| TP_POWERED_BY_DATA function| $ function| jQuery function| Popper object| bootstrap object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| nacl object| pako function| md5 object| LTApi function| HitStorageTracker object| trackerWidget

3 Cookies

Domain/Path Name / Value
.newyeartrips.ru/ Name: PHPSESSID
Value: ef72cc8363521b1f05dde716b3679c05
.newyeartrips.ru/ Name: _sp_ses.edc0
Value: *
.newyeartrips.ru/ Name: _sp_id.edc0
Value: ce6c4b9d-8615-4336-850b-2bd292b567b8.1713009047.1.1713009047.1713009047.dd6a876b-8f92-4f1e-8239-d0170fe3cc6b

1 Console Messages

Source Level URL
Text
network error URL: https://newyeartrips.ru/assets/images/assets/images/fast_img/1/1-qsrocb.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.level.travel
c26.travelpayouts.com
cdn.level.travel
cdn.yc.level.travel
cdnjs.cloudflare.com
conversion.lvtv.me
maxcdn.bootstrapcdn.com
newyeartrips.ru
stackpath.bootstrapcdn.com
static.aviasales.com
www.travelpayouts.com
104.17.24.14
104.18.11.207
172.255.224.36
18.66.112.2
188.114.96.3
2600:9000:20eb:5200:1f:1dd0:f700:93a1
2606:4700:10::6816:989
2606:4700::6812:bcf
2a11:27c0::93
91.236.136.41
092e0d102b17c51da1491e1d3a6865db875ad99c32f86f8d86f934d5d5b12c38
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
175fa9452351b95c024b97d371dbe8ac1aff6251e975002d1060e4d475aa1778
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905
28877032b98dc9ec74467f05fc5cb4a72a3273f76fbf30ddb47cbe9ebd64ad69
2b5d42a173daf57cdd8f1be562ea25b4ebb42753a2d755dc5f0d70ea04249487
31ce5baf465a979396a0dd186d112a9654c1c532a08afe9246b6528249db4f64
3d5bb1884c84599d6210dde09b4a37a2abe9e48ea922481f5c2f6f1c3e281418
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32
7409c647a5c89a150219beae28a0179ab1b97d516a41ee3d35d8ae30a964b21e
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
90bf3287643a905b7cbe2ab4a93c40ef7dc2496e879a0a24c847a198f903f0e4
943193352490b5303717c9ccc956fff2c1d9773dac3e0b73be9a90b09653dd60
a56e0040c040bb2ce5b1d64d14ba1873104ad3eebd5e09d3e6954cfcb514d26d
a6920cfbb6fa93a641b4821cd8dd2f0165a1e65fdcfc8c13822c73a447a44b87
addbab7fb38b3b50c2acbb6270f0f570cbc1bb5cee82e4831efe2e1e307b9a99
b425aaa5d2a34c7160d4a4747f0584aca7b64150d4037bf329cad149b1560f14
bc020cfeec69d6106de73c718c4532be7bbc963a2dc8b6d5fe91b470f95fb7dc
c468cb06fc73f59625b6dece2a7595fd5e062a3b8dbfc3f5ebffa2a457245812
d312ac44899a5b5f3d087e0fad467b60989076539be4740afb6375efa1ba85d0
d9f27ecb2df892c8389631b5a6493dc3129f11fbc8454e4fe17ff37590a12240
decd365cf58788f73d7a464567e46852f84261b13558a741b15e0cc175b4d80d
f0cdd37fe2a4bd58e69629ff677792c1d9823f61843559159d2bff293604cf43
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fa83df65c1d49b28fe45cbb89379d9bf9ecc9a99457b7ddba7f4ff6b66c0371e
fd7fed10f99de0fb501d8062f0a2534fc0e554e72632b7e41efdf92899da9f19
ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30