urlscan.io logo urlscan.io
SecurityTrails logo

www.flylevel.com Open in urlscan Pro
2a02:26f0:3500:892::2c9e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.flylevel.com/
Effective URL: https://www.flylevel.com/
Submission: On July 11 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 10 countries across 52 domains to perform 161 HTTP transactions. The main IP is 2a02:26f0:3500:892::2c9e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.flylevel.com. The Cisco Umbrella rank of the primary domain is 323214.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 1st 2023. Valid for: a year.
This is the only time www.flylevel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 65.9.66.103 16509 (AMAZON-02)
28 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a02:2638:d::10 44788 (ASN-CRITE...)
5 3.124.173.63 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
5 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 7 2a02:2638:d::d 44788 (ASN-CRITE...)
2 2620:1ec:48:1... 8075 (MICROSOFT...)
2 178.250.7.13 44788 (ASN-CRITE...)
1 178.250.7.11 44788 (ASN-CRITE...)
2 2a03:2880:f17... 32934 (FACEBOOK)
3 20.119.174.243 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 2 142.250.185.166 15169 (GOOGLE)
10 34.251.122.47 16509 (AMAZON-02)
1 2 3.66.200.156 16509 (AMAZON-02)
1 1 172.217.18.2 15169 (GOOGLE)
2 178.250.1.9 44788 (ASN-CRITE...)
2 3 185.89.210.46 29990 (ASN-APPNEX)
1 2 185.89.210.90 29990 (ASN-APPNEX)
1 88.221.168.23 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 3.65.73.149 16509 (AMAZON-02)
1 185.86.138.155 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 104.102.35.84 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
1 37.157.4.25 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2 99.81.14.86 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
1 2 54.72.234.196 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.192.135.227 16509 (AMAZON-02)
1 64.74.236.95 19024 (INTERNAP-...)
1 185.64.191.210 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.218.209.78 16625 (AKAMAI-AS)
1 34.252.87.220 16509 (AMAZON-02)
1 18.184.162.173 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.117.98.198 396982 (GOOGLE-CL...)
1 52.16.150.30 16509 (AMAZON-02)
1 6 185.184.8.90 204995 (RTB-HOUSE...)
1 2 95.163.52.67 47764 (VK-AS)
1 2 34.117.176.229 396982 (GOOGLE-CL...)
1 1 178.170.196.176 208677 (SBERCLOUD-AS)
1 2a00:1148:db0... 47764 (VK-AS)
1 3.129.79.137 16509 (AMAZON-02)
5 35.241.246.102 396982 (GOOGLE-CL...)
161 68
16    2a02:26f0:3500:892::2c9e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.flylevel.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    65.9.66.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-103.fra56.r.cloudfront.net
nexus.ensighten.com
28    2a02:26f0:1700:799::2c9e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.flylevel.com
staticms.flylevel.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    2606:4700::6810:9919 (United States)

ASN13335 (CLOUDFLARENET, US)
momentjs.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:480:980::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
684dd32d.akstat.io
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a02:26f0:3500:18::1724:a28d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p11.techlab-cdn.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:26f0:480:38d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
3    2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
5    3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
data.privacy.ensighten.com
1    2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
2    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2620:1ec:48:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
2    2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
12334432.fls.doubleclick.net
10    34.251.122.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
api.flocktory.com
2    3.66.200.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-200-156.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    3.65.73.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-73-149.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
r.casalemedia.com
2    99.81.14.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-14-86.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    54.72.234.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-234-196.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    18.192.135.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-227.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    64.74.236.95 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
sync.outbrain.com
1    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4200:614d:4b11:6297:e906 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.218.209.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-78.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    34.252.87.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-87-220.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    18.184.162.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-162-173.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.117.98.198 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 198.98.117.34.bc.googleusercontent.com
tags.creativecdn.com
1    52.16.150.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-150-30.eu-west-1.compute.amazonaws.com
beacon.krxd.net
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
ams.creativecdn.com
fledge-eu.creativecdn.com
2    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
2    34.117.176.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.176.117.34.bc.googleusercontent.com
wf.frontend.weborama.fr
1    178.170.196.176 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr13.segmento.ru
tag.rutarget.ru
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)
ad.mail.ru
1    3.129.79.137 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-79-137.us-east-2.compute.amazonaws.com
s.thebrighttag.com
5    35.241.246.102 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.246.241.35.bc.googleusercontent.com
level-app.quantummetric.com
Apex Domain
Subdomains		 Transfer
44 flylevel.com
www.flylevel.com — Cisco Umbrella Rank: 323214
static.flylevel.com
staticms.flylevel.com
1 MB
15 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3367
gum.criteo.com — Cisco Umbrella Rank: 405
mug.criteo.com — Cisco Umbrella Rank: 2102
sslwidget.criteo.com — Cisco Umbrella Rank: 1751
dis.criteo.com — Cisco Umbrella Rank: 608
66 KB
10 flocktory.com
api.flocktory.com — Cisco Umbrella Rank: 83459
77 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 2556
adservice.google.com — Cisco Umbrella Rank: 113
1 KB
7 creativecdn.com
tags.creativecdn.com — Cisco Umbrella Rank: 7631
ams.creativecdn.com — Cisco Umbrella Rank: 10656
fledge-eu.creativecdn.com — Cisco Umbrella Rank: 13667
5 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1040
r.clarity.ms — Cisco Umbrella Rank: 9123
c.clarity.ms — Cisco Umbrella Rank: 1589
23 KB
7 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3097
data.privacy.ensighten.com — Cisco Umbrella Rank: 8355
75 KB
6 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 1918
level-app.quantummetric.com — Cisco Umbrella Rank: 886342
84 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
12334432.fls.doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
4 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 469
4 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
22 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
c.bing.com — Cisco Umbrella Rank: 258
15 KB
4 techlab-cdn.com
p11.techlab-cdn.com — Cisco Umbrella Rank: 2723
59 KB
3 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 8455
ad.mail.ru — Cisco Umbrella Rank: 9416
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 4752
625 B
2 weborama.fr
wf.frontend.weborama.fr — Cisco Umbrella Rank: 56377
652 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 670
876 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
2 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1573
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
879 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
151 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1293
c.go-mpulse.net — Cisco Umbrella Rank: 579
50 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
195 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
2 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2046
268 B
1 akstat.io
684dd32d.akstat.io — Cisco Umbrella Rank: 64628
357 B
1 rutarget.ru
tag.rutarget.ru — Cisco Umbrella Rank: 112214
598 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 620
338 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 6861
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2245
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3886
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 26095
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2505
399 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 797
577 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 778
145 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1226
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2951
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 423
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1006
236 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1276
163 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
125 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2136
163 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1321
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
363 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 675
793 B
1 gstatic.com
fonts.gstatic.com
35 KB
1 momentjs.com
momentjs.com — Cisco Umbrella Rank: 29827
75 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1191
50 KB
161 52
Domain Requested by
21 static.flylevel.com www.flylevel.com
static.flylevel.com
16 www.flylevel.com 1 redirects www.flylevel.com
10 api.flocktory.com www.flylevel.com
7 gum.criteo.com 5 redirects www.flylevel.com
dynamic.criteo.com
7 staticms.flylevel.com www.flylevel.com
5 level-app.quantummetric.com www.flylevel.com
5 ams.creativecdn.com 1 redirects tags.creativecdn.com
5 region1.analytics.google.com www.flylevel.com
5 data.privacy.ensighten.com www.flylevel.com
5 www.google-analytics.com www.flylevel.com
4 p11.techlab-cdn.com www.flylevel.com
3 ib.adnxs.com 2 redirects
3 r.clarity.ms www.flylevel.com
3 dynamic.criteo.com www.flylevel.com
12334432.fls.doubleclick.net
3 bat.bing.com www.flylevel.com
3 www.google.de www.flylevel.com
2 wf.frontend.weborama.fr 1 redirects www.flylevel.com
2 top-fwz1.mail.ru 1 redirects www.flylevel.com
2 ad.360yield.com 1 redirects
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 secure.adnxs.com 1 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 12334432.fls.doubleclick.net 1 redirects www.flylevel.com
2 c.clarity.ms 1 redirects
2 www.facebook.com www.flylevel.com
2 mug.criteo.com www.flylevel.com
2 www.clarity.ms www.flylevel.com
2 stats.g.doubleclick.net www.flylevel.com
2 connect.facebook.net www.flylevel.com
2 www.google.com www.flylevel.com
2 www.googletagmanager.com www.flylevel.com
2 nexus.ensighten.com www.flylevel.com
2 fonts.googleapis.com www.flylevel.com
1 fledge-eu.creativecdn.com tags.creativecdn.com
1 s.thebrighttag.com
1 684dd32d.akstat.io www.flylevel.com
1 ad.mail.ru www.flylevel.com
1 tag.rutarget.ru 1 redirects
1 beacon.krxd.net
1 tags.creativecdn.com 12334432.fls.doubleclick.net
1 adservice.google.com 12334432.fls.doubleclick.net
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 ups.analytics.yahoo.com
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 cm.g.doubleclick.net 1 redirects
1 c.bing.com 1 redirects
1 sslwidget.criteo.com www.flylevel.com
1 cdn.quantummetric.com www.flylevel.com
1 c.go-mpulse.net s.go-mpulse.net
1 googleads.g.doubleclick.net www.flylevel.com
1 fonts.gstatic.com fonts.googleapis.com
1 s.go-mpulse.net www.flylevel.com
1 momentjs.com www.flylevel.com
1 www.googleoptimize.com www.flylevel.com
161 73

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
level.teamtailor.com
www.iberia.com
Subject Issuer Validity Valid
*.flylevel.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-01 -
2024-03-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-07 -
2023-10-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
p11.techlab-cdn.com
R3		 2023-06-22 -
2023-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.privacy.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-03 -
2024-02-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-19 -
2023-07-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.flocktory.com
GlobalSign GCC R3 DV TLS CA 2020		 2023-07-04 -
2024-08-04		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
itm.ivitrack.com
R3		 2023-06-03 -
2023-09-01		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
tags.creativecdn.com
GTS CA 1D4		 2023-06-03 -
2023-09-01		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-11-19		 a year crt.sh
*.frontend.weborama.fr
Gandi Standard SSL CA 2		 2023-02-22 -
2024-03-24		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-18 -
2024-02-13		 a year crt.sh

This page contains 13 frames:

Primary Page: https://www.flylevel.com/
Frame ID: 2AB0F2DB79507EB904C4DF6116D4B0CE
Requests: 103 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/AQXBX-4FVLR-CZQ5W-2Q7A2-J2RVA
Frame ID: B47438D126EFC4FBB3F33E28D2CA1E94
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.flylevel.com&origin=onetag
Frame ID: 5C2D1B1ED60650D95D26339D2FB34667
Requests: 2 HTTP requests in this frame

Frame: https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F
Frame ID: 8ED58425CB4B5BA779055075E4815C39
Requests: 7 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-SIkZr9snx2F3PcCB62KWzCff86qJsIru3dwidw&expires=30
Frame ID: 49AF6240EF205B3F1FF21B47DBCED281
Requests: 29 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.flylevel.com&origin=onetag
Frame ID: 543E601127E64DF534AB49E7DCFD403A
Requests: 2 HTTP requests in this frame

Frame: https://api.flocktory.com/v2/provider/provider.html
Frame ID: 632C0183AD579E1D340CAB0E52F31737
Requests: 1 HTTP requests in this frame

Frame: https://top-fwz1.mail.ru/counter2?id=2951107;pid=c8d97090-1a73-4d94-85195d83322a3230
Frame ID: 6680E2E02D26F2EB95946395B33CFA5E
Requests: 1 HTTP requests in this frame

Frame: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22c8d97090-1a73-4d94-85195d83322a3230%22%7D&d.r=1689085472878&bounce=1&random=424968370
Frame ID: 7B4E81F75219C6BED610239265C6E7C0
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/cm.gif?p=34&id=OtKR8EtQuH2r
Frame ID: F1C375F895735011410E2C6C8D28AF59
Requests: 1 HTTP requests in this frame

Frame: https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=p8jBOvAHrFpFvWJwY_pK_oWUpcdEBWUPUamSV19fxdex3s8tymnGT7KxpP2NmwalxVXo51Zw2poYLwbm0BImYg
Frame ID: 2B773E1CDDB024DECEEE60900A3451C6
Requests: 1 HTTP requests in this frame

Frame: https://ams.creativecdn.com/topics-membership?ntk=wEB1yR-tIhv8KeC9N1FJCX93UEQ4rICBYQrJ8LlrldgEKdyMt6QFmaQqtZPQNj-BmsKQ0uW6MXCiUhcFbaO2HA
Frame ID: AB2C51CD98984B8F77D6B9E93AE4BBF0
Requests: 1 HTTP requests in this frame

Frame: https://static.flylevel.com/content/level-home-critical.min.css?540920
Frame ID: 904A3AFD6C8ED0B15CCC958B831B5D76
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LEVEL | Airline Tickets and Fares - Search

Page URL History Show full URLs

  1. http://www.flylevel.com/ Page URL
  2. http://www.flylevel.com/ HTTP 301
    https://www.flylevel.com/ Page URL
  3. https://www.flylevel.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • materialize(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

90 %
HTTPS

38 %
IPv6

52
Domains

73
Subdomains

68
IPs

10
Countries

2044 kB
Transfer

6058 kB
Size

88
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.flylevel.com/ Page URL
  2. http://www.flylevel.com/ HTTP 301
    https://www.flylevel.com/ Page URL
  3. https://www.flylevel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.flylevel.com/ HTTP 301
  • https://www.flylevel.com/
Request Chain 74
  • https://gum.criteo.com/sid/json?origin=onetag&domain=flylevel.com&sn=ChromeSyncframe&so=0&topUrl=www.flylevel.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Xs0ho3x2dFd0T3NQNUY1Tmk5bzVqTk9PWlZYSXFyZmd1U2NVWUFkUm9UeWtnSkxzUHk0YXdDV3JmdnZnWHZvWGJDLzd5YTREa0FrOWJWUTQza3h5MG0rWUowY3h2VTFtdFpHV0RqTWVFLzdseEN5RlRJd3hFSmxaZHpvVXRJRFluRHRvMm1ueUNvQ0JQb05xRE8ybTNnajJUQmJsYkhxaUl5ZGtpMS93WW9Odzd1a2ZrL3lCM2pPeUp6akhZNkx5M3A0VndlWTRVaWVBOWllSU82RWY5RGVZb09TL0FwSzAwVWlEUVVGaFVXUnZnTmF6WmxCdGMvQ2tvaGg2NHh3Q2xsM3R6cGRFSXhwVkJTQndOMWdwcWtnaytadz09fA&cppv=2
Request Chain 82
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=22E7BD8B9636465EAF908B56A86F634C&RedC=c.clarity.ms&MXFR=2C12148DFF646DD9253507C6FB6463F1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=22E7BD8B9636465EAF908B56A86F634C&MUID=39C98F21FA2C6AC507C19C6AFB806B9C
Request Chain 84
  • https://12334432.fls.doubleclick.net/activityi;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F HTTP 302
  • https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F
Request Chain 89
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-SIkZr9snx2F3PcCB62KWzCff86qJsIru3dwidw&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-SIkZr9snx2F3PcCB62KWzCff86qJsIru3dwidw&expires=30
Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-eQPzPtsnx2F3PcCB62KWzCff86q53C0il2dwQg&google_cm&google_hm=ay1lUVB6UHRzbngyRjNQY0NCNjJLV3pDZmY4NnE1M0MwaWwyZHdRZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-eQPzPtsnx2F3PcCB62KWzCff86q53C0il2dwQg&google_gid=CAESEDjQRFP_4opL92Vl0ejn834&google_cver=1&google_ula=913071,0
Request Chain 91
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3587773970884077735
Request Chain 92
  • https://secure.adnxs.com/setuid?entity=52&code=k-cGG18Nsnx2F3PcCB62KWzCff86ry3u4Hh-OWvA HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cGG18Nsnx2F3PcCB62KWzCff86ry3u4Hh-OWvA
Request Chain 103
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Z7JbStsnx2F3PcCB62KWzCff86r-GiaBWIt_pQ HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Z7JbStsnx2F3PcCB62KWzCff86r-GiaBWIt_pQ&C=1
Request Chain 104
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ztOWcCQMUgwOy61BwILsAy2nQvGpJnZD HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ztOWcCQMUgwOy61BwILsAy2nQvGpJnZD
Request Chain 106
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hcR3atsnx2F3PcCB62KWzCff86rWKv0Cdy1TFg HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hcR3atsnx2F3PcCB62KWzCff86rWKv0Cdy1TFg
Request Chain 125
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=o3UZ6H_8uZg-45V4jaTLP-y3JMFnts-f
Request Chain 128
  • https://gum.criteo.com/sid/json?origin=onetag&domain=12334432.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.flylevel.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=FgZicHxGMFJlTXo4OXFybFQrekhZN0h2UTY3QkZzUEltYjRqRVowa0ZVdHJDdk5sRDc2dmVydktab0RQZWdGV00vZEgxUlJETzdwZklwM2ZVTmpiUFVIbzZUZmNnYXJhdGRKa2x6MnFqRnpDSFQ1Z1BhdEVubjlsTDVTanpobkdEZnFnVnZQSCtyN0drcC9UUmtFZHVyMGNoaVpNMHJaaHVsR2d2V2ovd1JjOVhCYlFlNEltaWJuRkU2d0Q2ZlE2cmZjUE1rUGtkYWMySnI1TmtheXZUTDNEUmZlV3pIdFhLY2hnaDRFRDk3bzJOTWI0UFYzeTgxUVp0a0I0TElQT1BTQXh4d0NGc1c5dXRNWVhJWlMxNEFoTVhJK1RlazBDeWFScHZ5ZGdlSmljcmxOM2dZUGYvZzdlZGVQenR1cnMzUnlPdXw&cppv=2
Request Chain 130
  • https://ams.creativecdn.com/tags/v2?type=json HTTP 307
  • https://ams.creativecdn.com/tags/v2?type=json&tc=1
Request Chain 134
  • https://top-fwz1.mail.ru/counter?id=2951107;pid=c8d97090-1a73-4d94-85195d83322a3230 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=2951107;pid=c8d97090-1a73-4d94-85195d83322a3230
Request Chain 135
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22c8d97090-1a73-4d94-85195d83322a3230%22%7D&d.r=1689085472878 HTTP 307
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22c8d97090-1a73-4d94-85195d83322a3230%22%7D&d.r=1689085472878&bounce=1&random=424968370
Request Chain 136
  • https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=c8d97090-1a73-4d94-85195d83322a3230 HTTP 302
  • https://ad.mail.ru/cm.gif?p=34&id=OtKR8EtQuH2r
Request Chain 140
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Hij_4QKQqPJuXJ9wy4D8m5KPLjQ9TuY

161 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.flylevel.com/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.flylevel.com/
Protocol
HTTP/1.1
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
da63f4cdc3e92e467196270b58b9117895b78ea6f2b0c49ca38880a69b3358ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1104
Content-Type
text/html
Date
Tue, 11 Jul 2023 14:24:29 GMT
Expires
0
Server-Timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="469190_388276636_144491119_147_13879_30_-_-";dur=1
Vary
Accept-Encoding
verify
www.flylevel.com/_sec/ 		16 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.flylevel.com/_sec/verify?provider=interstitial
Requested by
Host: www.flylevel.com
URL: http://www.flylevel.com/
Protocol
HTTP/1.1
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiGHost /
Resource Hash

Request headers

Referer
http://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 11 Jul 2023 14:24:29 GMT
Server
AkamaiGHost
Content-Type
application/json
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="469190_388276636_144491469_445_10250_30_-_-";dur=1
Mime-Version
1.0
Content-Length
16
X-Akamai-Transformed
9l - 0 pmb=mRUM,2
Expires
Tue, 11 Jul 2023 14:24:29 GMT
/
www.flylevel.com/
Redirect Chain
  • http://www.flylevel.com/
  • https://www.flylevel.com/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/
Requested by
Host: www.flylevel.com
URL: http://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.flylevel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1190
content-type
text/html
date
Tue, 11 Jul 2023 14:24:29 GMT
expires
0
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="469190_388276636_144492530_17_15221_30_0_-";dur=1
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 11 Jul 2023 14:24:29 GMT
Location
https://www.flylevel.com/
Server
AkamaiGHost
Server-Timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="469190_388276636_144491793_12_12885_30_-_-";dur=1
verify
www.flylevel.com/_sec/ 		16 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/_sec/verify?provider=interstitial
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiGHost /
Resource Hash

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Jul 2023 14:24:29 GMT
server
AkamaiGHost
content-type
application/json
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="469190_388276636_144492898_658_11763_30_0_-";dur=1
mime-version
1.0
content-length
16
x-akamai-transformed
9l - 0 pmb=mRUM,2
expires
Tue, 11 Jul 2023 14:24:29 GMT
Primary Request /
www.flylevel.com/ 		170 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b1fa96582731ce022635f8f43b51a2680708fb39bd7d4c2b211ef3c1b8fb8b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN DENY

Request headers

Referer
https://www.flylevel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*.flylevel.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
23693
content-type
text/html; charset=utf-8
date
Tue, 11 Jul 2023 14:24:30 GMT
expires
-1
link
<https://www.flylevel.com/content/fonts/icons/icomoon.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://nexus.ensighten.com>;rel="preconnect",<https://staticms.flylevel.com>;rel="preconnect",<https://www.googleoptimize.com>;rel="preconnect",<https://static.flylevel.com>;rel="preconnect",<https://momentjs.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://p11.techlab-cdn.com>;rel="preconnect",<https://fonts.gstatic.com>;rel="preconnect"
pragma
no-cache
server
Microsoft-IIS/10.0
server-timing
cdn-cache; desc=MISS edge; dur=27 origin; dur=154 ak_p; desc="469190_388276636_144493188_18092_13792_31_0_-";dur=1
vary
Accept-Encoding
x-akamai-transformed
9l 169738 0 pmb=mTOE,3mRUM,2
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN DENY
x-powered-by
ASP.NET
icomoon.woff2
www.flylevel.com/content/fonts/icons/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/content/fonts/icons/icomoon.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6864600ac6d7f0dc001ad8ecbcc75a532950d3d7b17b057c81ff1deb03151360
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.flylevel.com/
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
last-modified
Wed, 28 Jun 2023 11:05:20 GMT
server
Microsoft-IIS/10.0
etag
"018776db0a9d91:0"
x-powered-by
ASP.NET
x-frame-options
DENY
content-type
application/font-woff2
cache-control
private, max-age=72197
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469190_388276636_144494429_243_13798_31_0_-";dur=1
accept-ranges
bytes
content-length
70164
expires
Wed, 12 Jul 2023 10:27:47 GMT
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700&display=swap
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21461a5fb486a3fa22c9f6f6934fc9b010834e93fd6791867e6bb55d5c468358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.flylevel.com/
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 12:35:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 14:24:30 GMT
css2
fonts.googleapis.com/ 		6 KB
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
060076783862d7980392dfdf22ced5698d470ce32cb2c69ae0a412d72d090695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.flylevel.com/
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 14:18:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 14:24:30 GMT
5e6143f0985380dbe0056f634020b2f8b7490013008656
www.flylevel.com/static/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8eb66ae18f098a3a6d928683528856bdcf2397a00402e840dc9685a6dc891fe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 06:41:45 GMT
content-md5
j40IORbZZyo9RsA9+ZBfSQ==
etag
0x8DAD754F1C5B799
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
server-timing
edge; dur=1, origin; dur=13, cdn-cache; desc=MISS, ak_p; desc="469190_388276636_144496241_1556_5238_37_0_-";dur=1
timing-allow-origin
*
content-length
52256
expires
Tue, 11 Jul 2023 14:34:30 GMT
Bootstrap.js
nexus.ensighten.com/vueling/level_production/ 		339 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/vueling/level_production/Bootstrap.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-103.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
06808fe941f491e2096d14429a755f28f0d39aaf165a809250d88c13428364d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 08:21:30 GMT
x-amz-version-id
ecM8WBkC.RWLGhVuDQRJR522CIPjA47m
content-encoding
gzip
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
9612181
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 06:39:52 GMT
server
CloudFront
etag
W/"eff8a84202d8826d81d4eef10d4b0467"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
bp3IJe2aKZ6FjnqXMRRrPgM9HK2kgLcMdwIUpghzQxgM1jkixG17LQ==
level-home-critical.min.css
static.flylevel.com/content/ 		39 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-home-critical.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
d9e36985f344f575a2ccd91d54232f0464c5ff2382af3a52dc89ab4b7ef5a27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Sun, 09 Jul 2023 06:32:57 GMT
server
Akamai Resource Optimizer
etag
"eadcb0891590fdee97c9ea8f76167023:1688541391.361088"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=40937
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
6051
expires
Wed, 12 Jul 2023 01:46:47 GMT
searcher.min.css
static.flylevel.com/content/ 		47 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/searcher.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
287caea6675492bd9f370299444cbfdada45b489fe06a480e9a50f3fab5ccaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 21:44:42 GMT
server
Akamai Resource Optimizer
etag
"103378b8b2f13b271b90f38bb73632d8:1688541394.589278"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=53451
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
7058
expires
Wed, 12 Jul 2023 05:15:21 GMT
core.js
static.flylevel.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/core.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
537968e1abe423a94327a5ddc74a1eec2bf817f3ad21d3b18fb5591e3902734e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 16:54:33 GMT
server
Akamai Resource Optimizer
etag
"1acfff4fc6dc12f8113a605121d5ff78:1688541397.078789"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=43703
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
2031
expires
Wed, 12 Jul 2023 02:32:53 GMT
202302.png
staticms.flylevel.com/1008/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticms.flylevel.com/1008/202302.png
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
84024f02f08be9d2aa71d85e6da3f018b8cfdd01a88d88c7dcdde2caf5ff1cc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
last-modified
Tue, 28 Mar 2023 06:24:00 GMT
x-serial
1182
server
Akamai Image Manager
x-check-cacheable
YES
etag
"e39a716c8652db0293201343f8218d7b:1676552763.406938"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=2591960
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
107704
expires
Thu, 10 Aug 2023 14:23:50 GMT
optimize.js
www.googleoptimize.com/ 		131 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-K5DZXVV
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0eb049a6b9847fc4e6b7cf126da805c342bb8b542508731cc7b0471f72df416b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50899
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 14:24:30 GMT
level-fonts.min.css
static.flylevel.com/content/ 		79 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-fonts.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
749ce835e5b2ee4528011092e9c2c39dfdc4ae79b57cffa4ac8922c1fd7eb7ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Thu, 06 Jul 2023 23:49:23 GMT
server
Akamai Resource Optimizer
etag
"1629483344127cd1c768260cbea4e74e:1688541391.153747"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=76415
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
7633
expires
Wed, 12 Jul 2023 11:38:05 GMT
level-critical.min.css
static.flylevel.com/content/ 		107 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-critical.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
db8df7be5ed2fb16f60c3f23393cea4f707d112e93cc2382408d5878e25f4e16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Thu, 06 Jul 2023 09:21:24 GMT
server
Akamai Resource Optimizer
etag
"e5ab471d5d1e50bb934b65a9cd0ac1d8:1688541390.514004"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=24948
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
13337
expires
Tue, 11 Jul 2023 21:20:18 GMT
17f0b92e
www.flylevel.com/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/akam/13/17f0b92e
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f6351a37885974d424142ac5aa4d7411423d0463363c5e8f5e69fb1970a36e67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:12:09 GMT
etag
"e7a474b73be41a527f3f139c5a9f88f035d950519ebe69e9d744fcf63a7dab6b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="469190_388276636_144496242_435_7225_37_0_-";dur=1
content-length
8794
expires
Tue, 11 Jul 2023 14:24:30 GMT
jquery.js
static.flylevel.com/js/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/jquery.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
93932ee5918426f47913b2d44dc28c53a2fb9c326c502f9f1a938616dfa223a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 20:28:13 GMT
server
Akamai Resource Optimizer
etag
"59b0a0765d2811bf8577a14bd1332c83:1688541400.24192"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=56632
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
28478
expires
Wed, 12 Jul 2023 06:08:22 GMT
materialize.js
static.flylevel.com/js/ 		116 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/materialize.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
954e6e474e37d8f0524324f506ea9112eeaff167e306a19bdae67de7eab30feb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 23:09:27 GMT
server
Akamai Resource Optimizer
etag
"6c8190489cf7f10cbe8b465c4509b8d9:1688541403.225119"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=66161
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
26693
expires
Wed, 12 Jul 2023 08:47:11 GMT
level-core-home.js
static.flylevel.com/js/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/level-core-home.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
beaa47440f04a979659efc2186ddf059650250ebcc02f052054e962fb425944f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 07:56:33 GMT
server
Akamai Resource Optimizer
etag
"2b99a6ca524f81408ff1e3179db6d08f:1688541400.83055"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=20505
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
19336
expires
Tue, 11 Jul 2023 20:06:15 GMT
validation.js
static.flylevel.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/validation.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
47bffb0ea7656af1d2474b82578ae6d6abb7c003bc624e680e90301076c346de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 08:00:07 GMT
server
Akamai Resource Optimizer
etag
"159591f334eb3c7b7669017b88031a4f:1688541406.333023"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=20556
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
2383
expires
Tue, 11 Jul 2023 20:07:06 GMT
moment-with-locales.min.js
momentjs.com/downloads/ 		360 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://momentjs.com/downloads/moment-with-locales.min.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:9919 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 11 Jul 2023 18:24:30 GMT
date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 03:25:19 GMT
server
cloudflare
x-github-request-id
B83A:1BCB:4C5EA6:69F12B:64AD661E
etag
W/"645b0e9f-5a17b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
x-origin-cache
HIT
cf-ray
7e51b5dfbce69948-FRA
x-proxy-cache
HIT
searcher.js
static.flylevel.com/js/ 		101 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/searcher.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
c9dfb9bacec1d8d06aed2171c9571c9c6a82d1150110397107622121df89480b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 20:27:11 GMT
server
Akamai Resource Optimizer
etag
"d38154a8b62f00a458d24389a3425963:1688541404.795817"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=20580
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
15016
expires
Tue, 11 Jul 2023 20:07:30 GMT
level-search.js
static.flylevel.com/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/level-search.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
40f089fda38b110bb688eec7c1ce9b872b8e0b8ebf6e9ad26754d64b913a470d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Sun, 09 Jul 2023 00:52:24 GMT
server
Akamai Resource Optimizer
etag
"194eccaf2be247334cbbc4baf7821280:1688541402.280159"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=20364
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
4884
expires
Tue, 11 Jul 2023 20:03:54 GMT
tagging.js
static.flylevel.com/js/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/js/tagging.js?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
4be1975749006cd1a82c4d044a6675728644029be7b19cb41e2569e75e6eeca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Tue, 11 Jul 2023 04:29:38 GMT
server
Akamai Resource Optimizer
etag
"7b84f6147e7b461b94c894d7bd9fdfd4:1688541405.497633"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=50673
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
4007
expires
Wed, 12 Jul 2023 04:29:03 GMT
level-styles.min.css
static.flylevel.com/content/ 		288 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-styles.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
b9cf6fe7f3b64bfb21805802a767596497882bc2dc93143a99ae7b7570aca96d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Sun, 09 Jul 2023 08:02:40 GMT
server
Akamai Resource Optimizer
etag
"e9da8ce2a1b3ee8d56c00448312d5540:1688541393.103416"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=46501
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
36688
expires
Wed, 12 Jul 2023 03:19:31 GMT
W4cIx4
www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/ 		211 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/W4cIx4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a5837320362656cb621d7bcf3a68ef6f5113e326a4a53a45e585aeaadc884f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 17:14:22 GMT
etag
"212db13fb66a67c83df701184825f40826435ed19667b6693133a5895c2b0fa0"
stored-attribute-sha-checksum
a5837320362656cb621d7bcf3a68ef6f5113e326a4a53a45e585aeaadc884f05
content-type
application/javascript
cache-control
max-age=21600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469190_388276636_144496184_36_8827_37_0_-";dur=1
content-length
80428
expires
Wed, 09 Aug 2023 12:59:12 GMT
gtm.js
www.googletagmanager.com/ 		389 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFT37DM
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e07f859423f9e114a1ee361341d0982dfb47d65b8d8a2a1bde931d5d3306f5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108997
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 14:24:30 GMT
AQXBX-4FVLR-CZQ5W-2Q7A2-J2RVA
s.go-mpulse.net/boomerang/ Frame B474 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/AQXBX-4FVLR-CZQ5W-2Q7A2-J2RVA
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
last-modified
Mon, 03 Jul 2023 15:59:21 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 19:02:02 GMT
x-content-type-options
nosniff
age
415348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jul 2024 19:02:02 GMT
icomoon.woff2
static.flylevel.com/content/fonts/icons/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/fonts/icons/icomoon.woff2
Requested by
Host: static.flylevel.com
URL: https://static.flylevel.com/content/level-fonts.min.css?540920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6864600ac6d7f0dc001ad8ecbcc75a532950d3d7b17b057c81ff1deb03151360

Request headers

Referer
https://static.flylevel.com/content/level-fonts.min.css?540920
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
last-modified
Wed, 05 Jul 2023 07:16:24 GMT
server
AkamaiNetStorage
etag
"4a54dcdd0f1d1173cbc2e994b5edb5ad:1688541384.808787"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=76925
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
70164
expires
Wed, 12 Jul 2023 11:46:35 GMT
65319_1825202461.js
p11.techlab-cdn.com/e/ 		54 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65319_1825202461.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 14:24:26 GMT
content-md5
TBz6CQ/Qf16sF8+q5U3Ixg==
etag
"0x8DA7C6E5C88AF92"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
18223
expires
Tue, 11 Jul 2023 14:34:30 GMT
65257_1825232097.js
p11.techlab-cdn.com/e/ 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 12:38:55 GMT
content-md5
7rdGFe+/Y2zHt4sXxqkzxw==
etag
0x8DAD39902829531
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
timing-allow-origin
*
content-length
6061
expires
Tue, 11 Jul 2023 14:34:30 GMT
64885_1825202523.js
p11.techlab-cdn.com/e/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
last-modified
Sun, 24 Apr 2022 12:00:07 GMT
content-md5
DnvBZTKTbXGPNtxH2P6zMg==
etag
"0x8DA25E9F9A41165"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
1470
expires
Tue, 11 Jul 2023 14:34:30 GMT
65226_1825232221.js
p11.techlab-cdn.com/e/ 		69 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65226_1825232221.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f15d0efbde8255667f5a72b6d15514a07af8ed26fc0123dbecd7a57b8571f5f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 09:56:19 GMT
content-md5
SXxgqgysjhD+doh01gfTBg==
etag
"0x8D93563FBF1CA03"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
32564
expires
Tue, 11 Jul 2023 14:34:30 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/656333200/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/656333200/?random=1689085470851&cv=11&fst=1689085470851&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.flylevel.com%2F&ref=http%3A%2F%2Fwww.flylevel.com%2F&hn=www.googleadservices.com&frm=0&tiba=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&auid=1581496747.1689085471&rfmt=3&fmt=4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cea9e76cbdb486cfe4a0832d0661344740f90c34f82687f1730b11868864c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/ Frame B474 		1 KB
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=AQXBX-4FVLR-CZQ5W-2Q7A2-J2RVA&d=www.flylevel.com&t=5630285&v=1.720.0&if=&sl=0&si=dd3f9b6a-64aa-462b-b684-e3bcd0b100d8-rxmyou&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=436386
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/AQXBX-4FVLR-CZQ5W-2Q7A2-J2RVA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:38d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ca206399ce55bc34cb792a6f193f0ceac4a160cd89afa5496e1895f7e661b22e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
558
/
www.google.com/pagead/1p-user-list/656333200/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/656333200/?random=1689085470851&cv=11&fst=1689084000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.flylevel.com%2F&ref=http%3A%2F%2Fwww.flylevel.com%2F&frm=0&tiba=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&fmt=3&is_vtc=1&random=4109371844&rmt_tld=0&ipr=y
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/656333200/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/656333200/?random=1689085470851&cv=11&fst=1689084000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.flylevel.com%2F&ref=http%3A%2F%2Fwww.flylevel.com%2F&frm=0&tiba=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&fmt=3&is_vtc=1&random=4109371844&rmt_tld=1&ipr=y
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
W4cIx4
www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/ 		18 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/W4cIx4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x_req_id
609660a4-aeca-4c54-a7a0-0b38ff88350a
server-timing
edge; dur=5, origin; dur=134, cdn-cache; desc=MISS, ak_p; desc="469190_388276636_144499184_13888_7649_31_0_-";dur=1
access-control-allow-headers
Content-Type
content-length
18
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
stations
www.flylevel.com/api/ 		46 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/api/stations
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d76830caf007f08914142600429535833bdf642c564f01df21e8cc1937820874
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*.flylevel.com
cache-control
no-cache, no-store, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=34, origin; dur=45, ak_p; desc="469190_388276636_144499592_7933_14853_31_0_-";dur=1
content-length
3505
expires
-1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 12:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6552
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 11 Jul 2023 14:35:19 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 11 Jul 2023 14:24:30 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F1F03E493E674F0A8F8AD3B92FE637B5 Ref B: FRA31EDGE0820 Ref C: 2023-07-11T14:24:31Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
ld.js
dynamic.criteo.com/js/ld/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=95387
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a99c0ce13080dc79f40974fae52bf1034f9d00b1ad0b754e38da8bf11a31f170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		264 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GYKXMCMM34&l=dataLayer&cx=c
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
376cff28cc4f30931fe90c11fcb69b66b9f6fb3cb83d53229d3246bbc0aa0167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90335
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 14:24:31 GMT
bcn_en.gif
staticms.flylevel.com/1043/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticms.flylevel.com/1043/bcn_en.gif
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
697e05ecd3408d99820ec8fd2f9258585ec299d2faf6623e8e9930d48e7bbddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
last-modified
Mon, 10 Jul 2023 12:52:58 GMT
server
Akamai Image Manager
etag
"be1f2aae35009a83c1b08d620cfabdf6:1688641638.285946"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=2500123
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
101944
expires
Wed, 09 Aug 2023 12:53:14 GMT
bcn-mbl_en.gif
staticms.flylevel.com/1041/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticms.flylevel.com/1041/bcn-mbl_en.gif
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2301981eb5eef5f0551aa1026ea364a102c2bf07f39eaa68eb26541d4043cbd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
last-modified
Mon, 10 Jul 2023 12:52:59 GMT
server
Akamai Image Manager
etag
"a3ce5ce1f3c16ba2885714e9d5e368a2:1688641636.199882"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=2500168
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
86000
expires
Wed, 09 Aug 2023 12:53:59 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=2692&i=54qzil&p=level_production&s=320&d=8ER7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTIzIiwiY2xpZW50SWQiOjI2OTIsInB1Ymxpc2hQYXRoIjoibGV2ZWxfcHJvZHVjdE0AoCwiaW5zdGFuY2UzAPAUIjU0cXppbCIsInBhY2tldCI6MCwibW9kZSI6Im9ic2VydmVjAPAOb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJFbmduAPAJIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0cgCAOiIiLCJ0eXBUAPAPYmlsbGluZyIsInN0YXJ0IjoxNjg5MDg1NDcxMjYzXQDAZCI6LTEsInNvdXJjMgACKwBBdHVzIkgAYHJlYXNvbmUA010sImRhdGFQYXR0ZXISAMAibGlzdCI6W119XX0
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 11 Jul 2023 14:24:30 GMT
quantum-level.js
cdn.quantummetric.com/qscripts/ 		265 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-level.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654652f006d13bf87ed5b986ed1ef761bbe272baad5de9cbbf5870c1239ad73a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
no-sniff
cf-cache-status
EXPIRED
content-encoding
br
server
cloudflare
etag
W/"168898596880616885892918731689062402664"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray
7e51b5e49a891cab-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 14:24:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
I6s/2XZ7oI+mrIm2NbRtEiSO8A/ie9LPZG7CZjJ/MWUR7Wdc8heiBMHojKxdASUFbvfWuhTJ2a7CTxHsh6RK9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
serverComponent.php
nexus.ensighten.com/vueling/level_production/ 		188 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/vueling/level_production/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/vueling/level_production/code/&publishedOn=Tue%20Nov%2015%2006:39:50%20GMT%202022&ClientID=2692&PageID=https%3A%2F%2Fwww.flylevel.com%2F
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-103.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
ea9bdcdc0297a9099adc003f2b74d79c4be8a5f298cb4719fbcacf62ba794551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
188
x-amz-cf-id
JmMYqgWYeCLJU5dmBkzKs-9ehdhQtwS9iPjt9VxAUYnuLSPv53-O8w==
expires
Tue, 11 Jul 2023 14:24:30 GMT
level-logo.svg
static.flylevel.com/Images/Header/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.flylevel.com/Images/Header/level-logo.svg?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
3e610c49f4e160ec39da286cd0e69f825135c234f9bcb9822604c3a1e271b5e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
content-encoding
gzip
content-length
1247
last-modified
Wed, 05 Jul 2023 07:53:14 GMT
server
Akamai Resource Optimizer
etag
"1e55372180d4bb90e9de0c67e3c112b8:1688541346.480249"
vary
Accept-Encoding
access-control-max-age
86400
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=72131
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 12 Jul 2023 10:26:42 GMT
fly-text-icon.svg
static.flylevel.com/Images/Icons/ 		632 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.flylevel.com/Images/Icons/fly-text-icon.svg?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
cfb2f4f8cf185955eee255109e9a56bbd868bf4db3942711f504a9d78363440e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
content-encoding
gzip
content-length
400
last-modified
Wed, 05 Jul 2023 10:33:04 GMT
server
Akamai Resource Optimizer
etag
"fe971f51025cbddb9207fae0cd0f2c09:1688541362.778427"
vary
Accept-Encoding
access-control-max-age
86400
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=72528
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 12 Jul 2023 10:33:19 GMT
ny-from_en.png
staticms.flylevel.com/1055/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticms.flylevel.com/1055/ny-from_en.png
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5772043d9bc8253b58ed196293dbcfb159fae9993c891c24c4d1df8f706ed87c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
last-modified
Mon, 10 Jul 2023 12:59:39 GMT
server
Akamai Image Manager
etag
"0bfc51fa822fff5fa3f32a86009e6d30:1688993857.44932"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=2500445
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
48101
expires
Wed, 09 Aug 2023 12:58:36 GMT
lax-from_en.png
staticms.flylevel.com/1058/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticms.flylevel.com/1058/lax-from_en.png
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
811cf1aca5721865ca1e0be248db7d14ef67f97be2339883e756cc9882eb98c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
last-modified
Mon, 10 Jul 2023 12:59:40 GMT
x-serial
769
server
Akamai Image Manager
x-check-cacheable
YES
etag
"b03b21d785b46c3a2423a799cfb60d61:1688993862.666088"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=2500508
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
45513
expires
Wed, 09 Aug 2023 12:59:39 GMT
sfo-en.png
staticms.flylevel.com/1017/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticms.flylevel.com/1017/sfo-en.png
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
dfb876d18a52412bc544dbf1c1096b2edd4ad9d24e2de2c5cef4d2a574009a4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
last-modified
Tue, 28 Mar 2023 06:24:04 GMT
x-serial
1659
server
Akamai Image Manager
x-check-cacheable
YES
etag
"e99b9236f1dfdb7f3e7a2c515d78a0d5:1675160990.861583"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=518554
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
15958
expires
Mon, 17 Jul 2023 14:27:05 GMT
bos-from_en.png
staticms.flylevel.com/1061/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticms.flylevel.com/1061/bos-from_en.png
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
26c0e0f9beb76b68fae59ea92412cad2390a2fc5f2014b6b39b962cf8e4f7ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
last-modified
Mon, 10 Jul 2023 12:59:39 GMT
server
Akamai Image Manager
etag
"b760e8a5d1e5e8e86bfbe89cef2f282a:1688993872.841003"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=2500483
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
81349
expires
Wed, 09 Aug 2023 12:59:14 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GYKXMCMM34&gtm=45je37a0&_p=318293237&_gaz=1&cid=712395196.1689085471&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1689085471&sct=1&seg=0&dl=https%3A%2F%2Fwww.flylevel.com%2F&dr=http%3A%2F%2Fwww.flylevel.com%2F&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=home&ep.content_group=home&ep.page_language=en&ep.conversion_id=656333200&ep.currency_code=EUR
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GYKXMCMM34&cid=712395196.1689085471&gtm=45je37a0&aip=1
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GYKXMCMM34&cid=712395196.1689085471&gtm=45je37a0&aip=1&z=310151253
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/c/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/c/r.rnc?n=0&c=2692&i=5xtbnq&p=level_production&d=9Cd7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTIzIiwiY2xpZW50SWQiOjI2OTIQAPAdTmFtZSI6InZ1ZWxpbmciLCJwdWJsaXNoUGF0aCI6ImxldmVsX3Byb2R1Y3RkAFAsIm1vZDIAkHdoaXRlbGlzdFsA8CJvb2tpZXMiOnsiVlVFTElOR19FTlNJR0hURU5fUFJJVkFDWV9CQU5ORVJfTE9BREVErADxDyJ9LCJkdCI6MTY4OTA4NTQ3MTUxNiwic2V0dGluZ04A8Bdtb2RhbCI6ImVudGVycHJpc2UiLCJlbnZpcm9ubWVudCI6IkVuZ7AAoSIsImRlZmF1bHQ5APAEQW5hbHl0aWNzIjoxLCJNYXJrZVUAsCI6MX19LCJldmVuKAAiW3sLAEEiOiJjwwBwQ2hhbmdlZE0ADpkABcEAwEFERUQiOiIxIn1dfQ&s=382
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 11 Jul 2023 14:24:30 GMT
collect
www.google-analytics.com/j/ 		3 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=318293237&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flylevel.com%2F&ul=en-us&de=UTF-8&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAACAEK~&jid=850668052&gjid=733584654&cid=712395196.1689085471&tid=UA-107505121-1&_gid=314426848.1689085472&_slc=1&gtm=45He37a0n81KFT37DM&cg1=home&cg2=en&cd19=en&cd20=https%3A%2F%2Fwww.flylevel.com%2F&cd1=712395196.1689085471&z=1070963494
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-107505121-1&cid=712395196.1689085471&jid=850668052&gjid=733584654&_gid=314426848.1689085472&_u=YCDAgUABAAAAAGAEK~&z=1065718861
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 11 Jul 2023 14:24:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
149017656.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/149017656.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
994e0285fdcee7312a3477d5383cc5427227ee3a6640588aab121910c37a8fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 11 Jul 2023 14:24:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B2733F9BF4D34A5AA024929D3AF237AD Ref B: FRA31EDGE0820 Ref C: 2023-07-11T14:24:31Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=149017656&tm=gtm002&Ver=2&mid=ef17e4c5-4fe5-4db7-b144-f2a7820db878&sid=a6e7a3301ff611eeacee7b3bdde542d9&vid=a6e805c01ff611ee8e26ab5487b81167&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&p=https%3A%2F%2Fwww.flylevel.com%2F&r=http%3A%2F%2Fwww.flylevel.com%2F&lt=1411&evt=pageLoad&sv=1&rn=953353
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 14:24:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7ABDB3DFAF214B50A646EDE6FA51A502 Ref B: FRA31EDGE0820 Ref C: 2023-07-11T14:24:31Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
W4cIx4
www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/ 		18 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/W4cIx4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x_req_id
3b2efd10-458d-4393-bd11-6e8f83fe26db
server-timing
edge; dur=4, origin; dur=102, cdn-cache; desc=MISS, ak_p; desc="469190_388276636_144502052_10557_7584_30_0_-";dur=1
access-control-allow-headers
Content-Type
content-length
18
syncframe
gum.criteo.com/ Frame 5C2D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.flylevel.com&origin=onetag
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.flylevel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 14:24:31 GMT
server
Kestrel
server-processing-duration-in-ticks
238849
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
1918798068340983
connect.facebook.net/signals/config/ 		365 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1918798068340983?v=2.9.111&r=stable
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d033aa4984f3d842cdd225313572c48df5462cf4325ccdce731265b15286b058
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 14:24:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
sQQ8EDRPdI9ZtwkgZQY9vhJgkTvro2qTUgnUXsdVpGt9eMRF4KOirRbhc0K+hBydL8kzhDfKeHZje3fXPdhqBQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel_17f0b92e
www.flylevel.com/akam/13/ 		0
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/akam/13/pixel_17f0b92e
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="469190_388276636_144502275_491_7229_31_0_-";dur=1
content-length
0
content-type
text/html
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-107505121-1&cid=712395196.1689085471&jid=850668052&_u=YCDAgUABAAAAAGAEK~&z=1194316454
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-107505121-1&cid=712395196.1689085471&jid=850668052&_u=YCDAgUABAAAAAGAEK~&z=1194316454
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
149017656
www.clarity.ms/tag/uet/ 		1021 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/149017656
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2910171d488c2e26b7c5123e99c12213ad77d8467f6f5fb4195ab429347b928b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
date
Tue, 11 Jul 2023 14:24:31 GMT
x-azure-ref
0H2atZAAAAAAC7nPuU4TZSrXWpB9WHTifRlJBMjMxMDUwNDE4MDExADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
1021
expires
-1
sid
mug.criteo.com/ Frame 5C2D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=flylevel.com&sn=ChromeSyncframe&so=0&topUrl=www.flylevel.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Xs0ho3x2dFd0T3NQNUY1Tmk5bzVqTk9PWlZYSXFyZmd1U2NVWUFkUm9UeWtnSkxzUHk0YXdDV3JmdnZnWHZvWGJDLzd5YTREa0FrOWJWUTQza3h5MG0rWUowY3h2VTFtdFpHV0RqTWVFLzdseEN5RlRJd3hFSmxaZHpvVX...
436 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Xs0ho3x2dFd0T3NQNUY1Tmk5bzVqTk9PWlZYSXFyZmd1U2NVWUFkUm9UeWtnSkxzUHk0YXdDV3JmdnZnWHZvWGJDLzd5YTREa0FrOWJWUTQza3h5MG0rWUowY3h2VTFtdFpHV0RqTWVFLzdseEN5RlRJd3hFSmxaZHpvVXRJRFluRHRvMm1ueUNvQ0JQb05xRE8ybTNnajJUQmJsYkhxaUl5ZGtpMS93WW9Odzd1a2ZrL3lCM2pPeUp6akhZNkx5M3A0VndlWTRVaWVBOWllSU82RWY5RGVZb09TL0FwSzAwVWlEUVVGaFVXUnZnTmF6WmxCdGMvQ2tvaGg2NHh3Q2xsM3R6cGRFSXhwVkJTQndOMWdwcWtnaytadz09fA&cppv=2
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
635652b36663c87b2a4a3ce071ae5a83ae532927395991e5640fb5b955554de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1507292
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Xs0ho3x2dFd0T3NQNUY1Tmk5bzVqTk9PWlZYSXFyZmd1U2NVWUFkUm9UeWtnSkxzUHk0YXdDV3JmdnZnWHZvWGJDLzd5YTREa0FrOWJWUTQza3h5MG0rWUowY3h2VTFtdFpHV0RqTWVFLzdseEN5RlRJd3hFSmxaZHpvVXRJRFluRHRvMm1ueUNvQ0JQb05xRE8ybTNnajJUQmJsYkhxaUl5ZGtpMS93WW9Odzd1a2ZrL3lCM2pPeUp6akhZNkx5M3A0VndlWTRVaWVBOWllSU82RWY5RGVZb09TL0FwSzAwVWlEUVVGaFVXUnZnTmF6WmxCdGMvQ2tvaGg2NHh3Q2xsM3R6cGRFSXhwVkJTQndOMWdwcWtnaytadz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
264856
content-length
0
expires
0
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
content-encoding
br
last-modified
Mon, 10 Jul 2023 18:56:17 GMT
etag
"0x8DB817757AB9A71"
x-azure-ref
0IGatZAAAAABH4XhcxLqdSZj1lvQkDHkwRlJBMjMxMDUwNDE4MDExADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
14c780aa-601e-0040-2a76-b329e3000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
event
sslwidget.criteo.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=95387&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=2i1s0l96TmhteHFWN01NS0VHU2JRRG5QTE51V2ttb3pLVEdCeTBra0pQZjlka09sUiUyRkxaSndaeXhxWWhaeVZIYSUyQmU4cWNwaW9FenhUUyUyQkVJYXd3TnJSZ3UlMkZTTHdkOHZuZlNMTjhUSlVlSFQxalpVJTJCTEdQZUprdE9PUyUyRjdFODRkTDIxZjlNMXV0TXYlMkI0bkwzekNlVnJEajVWdyUzRCUzRA&tld=flylevel.com&dy=1&fu=https%253A%252F%252Fwww.flylevel.com%252F&pu=http%253A%252F%252Fwww.flylevel.com%252F&ceid=647b282d-2cea-4dc5-ae70-4053b21beb48&dtycbr=78806
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e4c625a47ce62af88e478cf993374aea0b5486c1c580ffd6784e275a7a0581a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7768398
timing-allow-origin
*
expires
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1918798068340983&ev=PageView&dl=https%3A%2F%2Fwww.flylevel.com%2F&rl=http%3A%2F%2Fwww.flylevel.com%2F&if=false&ts=1689085472108&sw=1600&sh=1200&v=2.9.111&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&it=1689085471883&coo=false&rqm=GET
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 14:24:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
W4cIx4
www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/ 		18 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/W4cIx4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x_req_id
9c7c61a4-9ba5-44f3-ba2c-35cde33ef84f
server-timing
edge; dur=16, origin; dur=79, cdn-cache; desc=MISS, ak_p; desc="469190_388276636_144503806_9542_7792_30_0_-";dur=1
access-control-allow-headers
Content-Type
content-length
18
collect
r.clarity.ms/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.flylevel.com
Date
Tue, 11 Jul 2023 14:24:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
W4cIx4
www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/ 		18 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK/W4cIx4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x_req_id
5360b4da-ad7b-45fb-a0c8-0ee65c1569b3
server-timing
edge; dur=6, origin; dur=120, cdn-cache; desc=MISS, ak_p; desc="469190_388276636_144504010_12556_8392_30_0_-";dur=1
access-control-allow-headers
Content-Type
content-length
18
r.rnc
data.privacy.ensighten.com/privacy/v1/c/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/c/r.rnc?n=1&c=2692&i=5xtbnq&p=level_production&d=9Cd7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTIzIiwiY2xpZW50SWQiOjI2OTIQAPAdTmFtZSI6InZ1ZWxpbmciLCJwdWJsaXNoUGF0aCI6ImxldmVsX3Byb2R1Y3RkAFAsIm1vZDIAkHdoaXRlbGlzdFsA8URvb2tpZXMiOnsiVlVFTElOR19FTlNJR0hURU5fUFJJVkFDWV9CQU5ORVJfTE9BREVEIjoiMCJ9LCJkdCI6MTY4OTA4NTQ3MjMzNiwic2V0dGluZ04A8Bdtb2RhbCI6ImVudGVycHJpc2UiLCJlbnZpcm9ubWVudCI6IkVuZ7AAoSIsImRlZmF1bHQ5APAEQW5hbHl0aWNzIjoxLCJNYXJrZVUAsCI6MX19LCJldmVuKAAiW3sLAEEiOiJjwwBwQ2hhbmdlZE0ADpkABcEAwEFERUQiOiIwIn1dfQ&s=382
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 11 Jul 2023 14:24:31 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=22E7BD8B9636465EAF908B56A86F634C&RedC=c.clarity.ms&MXFR=2C12148DFF646DD9253507C6FB6463F1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=22E7BD8B9636465EAF908B56A86F634C&MUID=39C98F21FA2C6AC507C19C6AFB806B9C
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=22E7BD8B9636465EAF908B56A86F634C&MUID=39C98F21FA2C6AC507C19C6AFB806B9C
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8A3BF349D30F4741862BDD8BC3958408 Ref B: FRA31EDGE0820 Ref C: 2023-07-11T14:24:32Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=22E7BD8B9636465EAF908B56A86F634C&MUID=39C98F21FA2C6AC507C19C6AFB806B9C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:11:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 11 Jul 2023 15:11:08 GMT
activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uap...
12334432.fls.doubleclick.net/ Frame 8ED5
Redirect Chain
  • https://12334432.fls.doubleclick.net/activityi;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;...
  • https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;...
1 KB
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F?
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
f8d6b4650145808f7b4c8de2cb6895f53dceb587214a636a320733873a0e536d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flylevel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
570
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 14:24:32 GMT
expires
Tue, 11 Jul 2023 14:24:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 14:24:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
loader.js
api.flocktory.com/v2/ 		168 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/v2/loader.js?site_id=3405
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
8378730ac2a5348f4fddd1476ace0245831d69e0bc3c123fafc4ec2647541f08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:32 GMT
Content-Encoding
br
x-amz-request-id
9S0GS89YAJE35QFE
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
52418
x-amz-id-2
g+kO0aIbmFSOCubMXsJeD/x01dKexrhNQA82L137dV9tN28d+Hq9ZVdMbbJyLz6rPkgKTOhkAOc=
Last-Modified
Tue, 04 Jul 2023 10:38:22 GMT
Server
openresty
x-amz-meta-s3cmd-attrs
atime:1688467063/ctime:1688467063/gid:0/gname:root/md5:c30a5b9c451f8f6bf823c58e757b4a1d/mode:33188/mtime:1688467063/uid:0/uname:root
ETag
W/"c30a5b9c451f8f6bf823c58e757b4a1d"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Access-Control-Allow-Credentials
true
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GYKXMCMM34&gtm=45je37a0&_p=318293237&cid=712395196.1689085471&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1689085471&sct=1&seg=0&dl=https%3A%2F%2Fwww.flylevel.com%2F&dr=http%3A%2F%2Fwww.flylevel.com%2F&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&en=testab_pnrs&ep.page_type=home&ep.content_group=home&ep.page_language=en&ep.conversion_id=656333200&ep.currency_code=EUR&_et=4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GYKXMCMM34&gtm=45je37a0&_p=318293237&cid=712395196.1689085471&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Yg&_s=3&sid=1689085471&sct=1&seg=0&dl=https%3A%2F%2Fwww.flylevel.com%2F&dr=http%3A%2F%2Fwww.flylevel.com%2F&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&en=view_promotion&pr1=piEN_JFK_BCN_HOME~pnHOME_DESTINATIONS_EN~cnEN_JFK_BCN_HOME~lp1&pr2=piEN_LAX_BCN_HOME~pnHOME_DESTINATIONS_EN~cnEN_LAX_BCN_HOME~lp2&pr3=piEN_SFO_BCN_HOME~pnHOME_DESTINATIONS_EN~cnEN_SFO_BCN_HOME~lp4&pr4=piEN_BOS_BCN_HOME~pnHOME_DESTINATIONS_EN~cnEN_BOS_BCN_HOME~lp3&ep.page_type=home&ep.content_group=home&ep.page_language=en&ep.conversion_id=656333200&ep.currency_code=EUR&_et=903
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GYKXMCMM34&gtm=45je37a0&_p=318293237&cid=712395196.1689085471&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=4&sid=1689085471&sct=1&seg=0&dl=https%3A%2F%2Fwww.flylevel.com%2F&dr=http%3A%2F%2Fwww.flylevel.com%2F&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&en=page_load_time&ep.page_type=home&ep.content_group=home&ep.page_language=en&ep.conversion_id=656333200&ep.currency_code=EUR&epn.loading_time_sec=2.4&_et=2
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame 49AF
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-SIkZr9snx2F3PcCB62KWzCff86qJsIru3dwidw&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-SIkZr9snx2F3PcCB62KWzCff86qJsIru3dwidw&expires=30
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-SIkZr9snx2F3PcCB62KWzCff86qJsIru3dwidw&expires=30
Protocol
H2
Server
3.66.200.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-200-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-SIkZr9snx2F3PcCB62KWzCff86qJsIru3dwidw&expires=30
date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 49AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-eQPzPtsnx2F3PcCB62KWzCff86q53C0il2dwQg&google_cm&google_hm=ay1lUVB6UHRzbngyRjNQY0NCNjJLV3pDZmY4NnE1M0Mwa...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-eQPzPtsnx2F3PcCB62KWzCff86q53C0il2dwQg&google_gid=CAESEDjQRFP_4opL92Vl0ejn834&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-eQPzPtsnx2F3PcCB62KWzCff86q53C0il2dwQg&google_gid=CAESEDjQRFP_4opL92Vl0ejn834&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
578536
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-eQPzPtsnx2F3PcCB62KWzCff86q53C0il2dwQg&google_gid=CAESEDjQRFP_4opL92Vl0ejn834&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 49AF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3587773970884077735
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3587773970884077735
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2137200
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
an-x-request-uuid
52ee8540-6f3c-4876-b807-87af26e5c9da
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3587773970884077735
x-proxy-origin
217.114.218.28; 217.114.218.28; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 49AF
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-cGG18Nsnx2F3PcCB62KWzCff86ry3u4Hh-OWvA
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cGG18Nsnx2F3PcCB62KWzCff86ry3u4Hh-OWvA
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cGG18Nsnx2F3PcCB62KWzCff86ry3u4Hh-OWvA
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
an-x-request-uuid
62be2a2a-2693-4cae-a1ac-8804f6ca510d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.28; 217.114.218.28; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
an-x-request-uuid
db99e34c-072f-4d9d-910b-008ab38c61b1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cGG18Nsnx2F3PcCB62KWzCff86ry3u4Hh-OWvA
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.28; 217.114.218.28; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 49AF 		61 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-HXLBC9snx2F3PcCB62KWzCff86oAyQP_ZvGyRA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 14:24:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Tue, 11 Jul 2023 14:24:32 GMT
tap.php
pixel.rubiconproject.com/ Frame 49AF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-7AHoUtsnx2F3PcCB62KWzCff86oPWmxpypMOCA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 49AF 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-BVjMuNsnx2F3PcCB62KWzCff86qFyDyx1jNZrg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.73.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-73-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 49AF 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-zBEAUdsnx2F3PcCB62KWzCff86pJJcv2CiGwnw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 49AF 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-r70hitsnx2F3PcCB62KWzCff86pA58-ZRtPAHg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25947
um
criteo-sync.teads.tv/ Frame 49AF 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-NtcrjNsnx2F3PcCB62KWzCff86oaJqy4PH4r-A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 11 Jul 2023 14:24:32 GMT
pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 49AF 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-AyGU8dsnx2F3PcCB62KWzCff86ozZZBgRnvSWw&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 49AF 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Zfli8tsnx2F3PcCB62KWzCff86rWtfSm3d3bpA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 49AF 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-saOE79snx2F3PcCB62KWzCff86qlBeXo0hC3eA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
last-modified
Wed, 11 Oct 2017 14:26:30 GMT
server
nginx
accept-ranges
bytes
etag
"59de2a16-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 49AF 		49 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-1VwsVNsnx2F3PcCB62KWzCff86q9Htuz9jpmTw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
27
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 49AF
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Z7JbStsnx2F3PcCB62KWzCff86r-GiaBWIt_pQ
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Z7JbStsnx2F3PcCB62KWzCff86r-GiaBWIt_pQ&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Z7JbStsnx2F3PcCB62KWzCff86r-GiaBWIt_pQ&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 14:24:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 14:24:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-Z7JbStsnx2F3PcCB62KWzCff86r-GiaBWIt_pQ&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
demconf.jpg
dpm.demdex.net/ Frame 49AF
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ztOWcCQMUgwOy61BwILsAy2nQvGpJnZD
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ztOWcCQMUgwOy61BwILsAy2nQvGpJnZD
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ztOWcCQMUgwOy61BwILsAy2nQvGpJnZD
Protocol
HTTP/1.1
Server
99.81.14.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-14-86.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0e70ad34b.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
E4r+M3rvRGg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v050-0ec6ca8b8.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rxR3AQU9Tfo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ztOWcCQMUgwOy61BwILsAy2nQvGpJnZD
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 49AF 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-zyBF4tsnx2F3PcCB62KWzCff86oaVHgzjC9GYA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 11 Jul 2023 14:24:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ul_cb/ Frame 49AF
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hcR3atsnx2F3PcCB62KWzCff86rWKv0Cdy1TFg
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hcR3atsnx2F3PcCB62KWzCff86rWKv0Cdy1TFg
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hcR3atsnx2F3PcCB62KWzCff86rWKv0Cdy1TFg
Protocol
H2
Server
54.72.234.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-234-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 14:24:32 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hcR3atsnx2F3PcCB62KWzCff86rWKv0Cdy1TFg
access-control-allow-origin
*
date
Tue, 11 Jul 2023 14:24:32 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 49AF 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-dBmBeNsnx2F3PcCB62KWzCff86oDOkXk4yj3IQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:31 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 49AF 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-aGykPNsnx2F3PcCB62KWzCff86qveEMbtE7REw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 49AF 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-oYR9XNsnx2F3PcCB62KWzCff86rAMeJ4KeevOA&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:33 GMT
Cache-Control
no-cache
X-TraceId
2a1b3e2f0158bf09ed1f89ebabb52241
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 49AF 		42 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-hdOxPdsnx2F3PcCB62KWzCff86ojn_r7uqfk0A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 11 Jul 2023 14:24:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 49AF 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-jXjhNNsnx2F3PcCB62KWzCff86rgzhhjL6TP6w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:614d:4b11:6297:e906 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 11 Jul 2023 14:24:32 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 49AF 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-M9xNsdsnx2F3PcCB62KWzCff86pdCXboaY2bNw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 14:24:32 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 49AF 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-5dau9tsnx2F3PcCB62KWzCff86rM3nwUfOAXNQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.209.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 14:24:32 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 10 Jul 2023 14:24:32 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 49AF 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ZnQqNNsnx2F3PcCB62KWzCff86rxd7rH3qUDsA&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.87.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-87-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
content-length
0
put
e1.emxdgt.com/ Frame 49AF 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-C-F2D9snx2F3PcCB62KWzCff86rEzqp4lv0NdA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.162.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-162-173.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
server
awselb/2.0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=318293237&t=timing&ni=0&_s=2&dl=https%3A%2F%2Fwww.flylevel.com%2F&ul=en-us&de=UTF-8&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2372&pdt=16&dns=0&rrt=1&srt=268&tcp=0&dit=1284&clt=1353&_gst=1371&_gbt=1751&_u=aCDAgUALAAAAAGAEK~&jid=&gjid=&cid=712395196.1689085471&tid=UA-107505121-1&_gid=314426848.1689085472&gtm=45He37a0n81KFT37DM&cg1=home&cg2=en&cd19=en&cd20=https%3A%2F%2Fwww.flylevel.com%2F&cd1=712395196.1689085471&z=1908716287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 02:11:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44011
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=318293237&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.flylevel.com%2F&ul=en-us&de=UTF-8&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promotion&ea=home&el=View&_u=aCDAgUALAAAAAGAMK~&jid=&gjid=&cid=712395196.1689085471&tid=UA-107505121-1&_gid=314426848.1689085472&gtm=45He37a0n81KFT37DM&cg1=home&cg2=en&cd19=en&cd20=https%3A%2F%2Fwww.flylevel.com%2F&cd1=712395196.1689085471&promo1id=EN_JFK_BCN_HOME&promo1nm=HOME_DESTINATIONS_EN&promo1cr=EN_JFK_BCN_HOME&promo1ps=1&promo2id=EN_LAX_BCN_HOME&promo2nm=HOME_DESTINATIONS_EN&promo2cr=EN_LAX_BCN_HOME&promo2ps=2&promo3id=EN_SFO_BCN_HOME&promo3nm=HOME_DESTINATIONS_EN&promo3cr=EN_SFO_BCN_HOME&promo3ps=4&promo4id=EN_BOS_BCN_HOME&promo4nm=HOME_DESTINATIONS_EN&promo4cr=EN_BOS_BCN_HOME&promo4ps=3&z=626837884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 02:11:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44011
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
d0565141-f8e8-42dc-ae25-1a3ff10345f3
https://www.flylevel.com/ 		9 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.flylevel.com/d0565141-f8e8-42dc-ae25-1a3ff10345f3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4544263983373c9dfdb45b93facb3deaff4d35090bf181b281dabaecac10a6c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
8859
Content-Type
application/javascript
ld.js
dynamic.criteo.com/js/ld/ Frame 8ED5 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=95327
Requested by
Host: 12334432.fls.doubleclick.net
URL: https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e597a8ce1fa2fab9e374d369c0a34c8abd5c464d24207555040679c737334ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12334432.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ Frame 8ED5 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=95387
Requested by
Host: 12334432.fls.doubleclick.net
URL: https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a99c0ce13080dc79f40974fae52bf1034f9d00b1ad0b754e38da8bf11a31f170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12334432.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=*;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fw...
adservice.google.com/ddm/fls/z/ Frame 8ED5 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=*;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F
Requested by
Host: 12334432.fls.doubleclick.net
URL: https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12334432.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
r.clarity.ms/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.flylevel.com
Date
Tue, 11 Jul 2023 14:24:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
UT041We7vofYjDufUefl.js
tags.creativecdn.com/ Frame 8ED5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.creativecdn.com/UT041We7vofYjDufUefl.js
Requested by
Host: 12334432.fls.doubleclick.net
URL: https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.98.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
198.98.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12334432.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 13:37:13 GMT
content-encoding
gzip
age
2839
x-guploader-uploadid
ADPycduoadLTs9ebQRjHNbK6HKW5EOephqfzITv19yv09RkJS_ybStKQXkwySX7a0YANMCVDkjzjjUQmWUHytXwz18Z8Tg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1741
last-modified
Tue, 07 Feb 2023 15:08:17 GMT
server
UploadServer
etag
"7dd71e4b922b44d4a1b639cea2047fcd"
vary
Accept-Encoding
x-goog-generation
1675782497155976
x-goog-hash
crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
content-type
application/javascript
cache-control
public,max-age=0
x-goog-stored-content-length
1741
accept-ranges
bytes
syncframe
gum.criteo.com/ Frame 543E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.flylevel.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=95387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://12334432.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 14:24:32 GMT
server
Kestrel
server-processing-duration-in-ticks
671247
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatch.gif
beacon.krxd.net/ Frame 49AF
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=o3UZ6H_8uZg-45V4jaTLP-y3JMFnts-f
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=o3UZ6H_8uZg-45V4jaTLP-y3JMFnts-f
Protocol
H2
Server
52.16.150.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-150-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
beacon-n010-dub-prod.krxd.net
date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1689085472
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=o3UZ6H_8uZg-45V4jaTLP-y3JMFnts-f
date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
689360
content-length
0
provider.html
api.flocktory.com/v2/provider/ Frame 632C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/v2/provider/provider.html
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
dde19c00156fa9aaf2943c7e85e6f09640a2d546ecacc60435bdb630e4d56837

Request headers

Referer
https://www.flylevel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=604800
Connection
keep-alive
Content-Encoding
br
Content-Length
14007
Content-Type
text/html
Date
Tue, 11 Jul 2023 14:24:32 GMT
ETag
W/"58501bae4cfa7ab42c180d63859c1088"
Last-Modified
Tue, 07 Feb 2023 11:42:21 GMT
Server
openresty
Vary
Accept-Encoding
x-amz-id-2
ADP3LrbASVFeE7yWbqg1iD/t9IP1ZBWVPSsoYRIUyiC4AwtdvP3kdp1Prd9YNvBvn3KDTqdF0rI=
x-amz-meta-s3cmd-attrs
atime:1675770093/ctime:1675770096/gid:0/gname:root/md5:58501bae4cfa7ab42c180d63859c1088/mode:33188/mtime:1675770093/uid:0/uname:root
x-amz-request-id
WMKCJD6RJHW17DYJ
x-amz-server-side-encryption
AES256
setup-api.js
api.flocktory.com/u_shaman/ 		36 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/u_shaman/setup-api.js?body=%7B%22siteId%22%3A%223405%22%2C%22utm%22%3A%7B%22source%22%3A%22%22%2C%22medium%22%3A%22%22%2C%22campaign%22%3A%22%22%2C%22term%22%3A%22%22%2C%22content%22%3A%22%22%7D%2C%22site-session-id%22%3A%22d7ae371d-b346-4d46-b088-a33c1d148cad-8%22%7D&callback=flock_jsonp_1
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
a5473d507513b2849236a261733d530bb42225f01f09a228552d00cfacea4326
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Strict-Transport-Security max-age=31536000; includeSubdomains, max-age=604800;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Content-Encoding
br
x-content-type-options
nosniff
Date
Tue, 11 Jul 2023 14:24:32 GMT
x-envoy-decorator-operation
site-api.production.svc.cluster.local:80/*
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubdomains, max-age=604800;
x-envoy-upstream-service-time
36
Connection
keep-alive
Content-Length
4022
x-xss-protection
1; mode=block
Server
openresty
x-download-options
noopen
Vary
Accept-Encoding
x-frame-options
DENY
Content-Type
application/javascript; charset=utf-8
sid
mug.criteo.com/ Frame 543E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=12334432.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.flylevel.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=FgZicHxGMFJlTXo4OXFybFQrekhZN0h2UTY3QkZzUEltYjRqRVowa0ZVdHJDdk5sRDc2dmVydktab0RQZWdGV00vZEgxUlJETzdwZklwM2ZVTmpiUFVIbzZUZmNnYXJhdGRKa2x6MnFqRnpDSFQ1Z1BhdEVubjlsTDVTan...
428 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FgZicHxGMFJlTXo4OXFybFQrekhZN0h2UTY3QkZzUEltYjRqRVowa0ZVdHJDdk5sRDc2dmVydktab0RQZWdGV00vZEgxUlJETzdwZklwM2ZVTmpiUFVIbzZUZmNnYXJhdGRKa2x6MnFqRnpDSFQ1Z1BhdEVubjlsTDVTanpobkdEZnFnVnZQSCtyN0drcC9UUmtFZHVyMGNoaVpNMHJaaHVsR2d2V2ovd1JjOVhCYlFlNEltaWJuRkU2d0Q2ZlE2cmZjUE1rUGtkYWMySnI1TmtheXZUTDNEUmZlV3pIdFhLY2hnaDRFRDk3bzJOTWI0UFYzeTgxUVp0a0I0TElQT1BTQXh4d0NGc1c5dXRNWVhJWlMxNEFoTVhJK1RlazBDeWFScHZ5ZGdlSmljcmxOM2dZUGYvZzdlZGVQenR1cnMzUnlPdXw&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
30224b8e9d5f865f4b034cf45ca86eee3a9152e8e6a434cfec0e029e38fdcb18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
791453
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=FgZicHxGMFJlTXo4OXFybFQrekhZN0h2UTY3QkZzUEltYjRqRVowa0ZVdHJDdk5sRDc2dmVydktab0RQZWdGV00vZEgxUlJETzdwZklwM2ZVTmpiUFVIbzZUZmNnYXJhdGRKa2x6MnFqRnpDSFQ1Z1BhdEVubjlsTDVTanpobkdEZnFnVnZQSCtyN0drcC9UUmtFZHVyMGNoaVpNMHJaaHVsR2d2V2ovd1JjOVhCYlFlNEltaWJuRkU2d0Q2ZlE2cmZjUE1rUGtkYWMySnI1TmtheXZUTDNEUmZlV3pIdFhLY2hnaDRFRDk3bzJOTWI0UFYzeTgxUVp0a0I0TElQT1BTQXh4d0NGc1c5dXRNWVhJWlMxNEFoTVhJK1RlazBDeWFScHZ5ZGdlSmljcmxOM2dZUGYvZzdlZGVQenR1cnMzUnlPdXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
277859
content-length
0
expires
0
v2
ams.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ams.creativecdn.com/tags/v2?type=json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://12334432.fls.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://12334432.fls.doubleclick.net
access-control-max-age
3600
content-length
0
date
Tue, 11 Jul 2023 14:24:32 GMT
vary
Origin
v2
ams.creativecdn.com/tags/ Frame 8ED5
Redirect Chain
  • https://ams.creativecdn.com/tags/v2?type=json
  • https://ams.creativecdn.com/tags/v2?type=json&tc=1
423 B
719 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ams.creativecdn.com/tags/v2?type=json&tc=1
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
52a9eb5d6311081b5c5c9a9a1d828c09bc1fe7c9b091d240d2e18188d88de0f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12334432.fls.doubleclick.net/activityi;dc_pre=CP-m1dzthoADFVTJsgodSykE6g;src=12334432;type=level;cat=hpg_l0;ord=9335714534064;gtm=45He37a0;auiddc=1581496747.1689085471;u1=Pa%C3%ADsDE;u2=en;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.flylevel.com%2F?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:33 GMT, Tue, 11 Jul 2023 14:24:33 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
access-control-max-age
3600
access-control-allow-methods
GET, POST
access-control-allow-origin
https://12334432.fls.doubleclick.net
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
319
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 11 Jul 2023 14:24:32 GMT
vary
Origin
access-control-max-age
3600
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin
https://12334432.fls.doubleclick.net
access-control-allow-methods
GET, POST
location
https://ams.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ultimate.js
api.flocktory.com/underworld/tracks/ 		33 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.flocktory.com/underworld/tracks/ultimate.js?body=%7B%22data%22%3A%7B%22action%22%3A%22session.page_visit%22%2C%22payload%22%3A%7B%22resolution%22%3A%221600x1200%22%2C%22ga%22%3A%7B%22utmcsr%22%3A%22%22%2C%22utmccn%22%3A%22%22%2C%22utmcmd%22%3A%22%22%2C%22h_utmcsr%22%3A%22%22%2C%22h_utmccn%22%3A%22%22%2C%22h_utmcmd%22%3A%22%22%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.flylevel.com%2F%22%7D%2C%22links%22%3A%7B%22site%22%3A3405%7D%7D%2C%22site-session-id%22%3A%22d7ae371d-b346-4d46-b088-a33c1d148cad-8%22%7D&callback=flock_jsonp_9999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:32 GMT
Content-Encoding
br
x-envoy-decorator-operation
tracks-general.production.svc.cluster.local:80/*
Strict-Transport-Security
max-age=604800;
Server
openresty
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
5
Connection
keep-alive
Content-Length
37
set-profile-custom-meta.js
api.flocktory.com/u_flockman/ 		17 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/u_flockman/set-profile-custom-meta.js?body=%7B%22site-id%22%3A%223405%22%2C%22meta%22%3A%7B%22lang%22%3A%22en%22%7D%2C%22site-session-id%22%3A%22d7ae371d-b346-4d46-b088-a33c1d148cad-8%22%7D&callback=flock_jsonp_2
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
37749c2ac25a8e0182518c3acf54f0ef510ae4b84bcdd3308e7e34c2696839c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:32 GMT
Strict-Transport-Security
max-age=604800;
x-envoy-decorator-operation
flockman-external.production.svc.cluster.local:80/*
Server
openresty
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
17
set-profile-custom-meta.js
api.flocktory.com/u_flockman/ 		17 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/u_flockman/set-profile-custom-meta.js?body=%7B%22site-id%22%3A%223405%22%2C%22meta%22%3A%7B%22lang%22%3A%22en%22%7D%2C%22site-session-id%22%3A%22d7ae371d-b346-4d46-b088-a33c1d148cad-8%22%7D&callback=flock_jsonp_3
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
9960a753371c111732c36ee71751f328a3b25896469d9f66034b9c293a7da7c1
Security Headers
Name Value
Strict-Transport-Security max-age=604800;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:32 GMT
Strict-Transport-Security
max-age=604800;
x-envoy-decorator-operation
flockman-external.production.svc.cluster.local:80/*
Server
openresty
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
17
counter2
top-fwz1.mail.ru/ Frame 6680
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=2951107;pid=c8d97090-1a73-4d94-85195d83322a3230
  • https://top-fwz1.mail.ru/counter2?id=2951107;pid=c8d97090-1a73-4d94-85195d83322a3230
43 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter2?id=2951107;pid=c8d97090-1a73-4d94-85195d83322a3230
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime
86400
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
private, no-cache, no-store, max-age=0
content-length
43
content-type
image/gif
date
Tue, 11 Jul 2023 14:24:33 GMT
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
pragma
no-cache
server
nginx
timing-allow-origin
*
x-content-type-options
nosniff

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime
86400
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
private, no-cache, no-store, max-age=0
content-length
0
date
Tue, 11 Jul 2023 14:24:33 GMT
location
https://top-fwz1.mail.ru/counter2?id=2951107;pid=c8d97090-1a73-4d94-85195d83322a3230
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
pragma
no-cache
server
nginx
timing-allow-origin
*
x-content-type-options
nosniff
/
wf.frontend.weborama.fr/streampixel/ Frame 7B4E
Redirect Chain
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22c8d97090-1a73-4d94-85195d83322a3230%22%7D&d.r=1689085472878
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22c8d97090-1a73-4d94-85195d83322a3230%22%7D&d.r=1689085472878&bounce=1&random=424968370
67 B
143 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22c8d97090-1a73-4d94-85195d83322a3230%22%7D&d.r=1689085472878&bounce=1&random=424968370
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.176.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.176.117.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length
67
content-type
image/gif
date
Tue, 11 Jul 2023 14:24:32 GMT
expires
Tue, 03 Jul 2001 06:00:00 GMT
last-modified
Tue, 11 Jul 2023 14:24:32 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma
no-cache
server
Weborama Collect Frontend
vary
Origin
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length
0
date
Tue, 11 Jul 2023 14:24:32 GMT
expires
Tue, 03 Jul 2001 06:00:00 GMT
last-modified
Tue, 11 Jul 2023 14:24:32 GMT
location
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22c8d97090-1a73-4d94-85195d83322a3230%22%7D&d.r=1689085472878&bounce=1&random=424968370
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma
no-cache
server
Weborama Collect Frontend
vary
Origin
via
1.1 google
cm.gif
ad.mail.ru/ Frame F1C3
Redirect Chain
  • https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=c8d97090-1a73-4d94-85195d83322a3230
  • https://ad.mail.ru/cm.gif?p=34&id=OtKR8EtQuH2r
43 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/cm.gif?p=34&id=OtKR8EtQuH2r
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Cross-Origin-Embedder-Policy
require-corp
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
cross-origin
Date
Tue, 11 Jul 2023 14:24:33 GMT
Expires
Tue, 11 Jul 2023 20:24:33 GMT
Last-Modified
Tue, 11 Jul 2023 14:24:33 GMT
Server
nginx
Timing-Allow-Origin
*

Redirect headers

Connection
close
Content-Length
0
Date
Tue, 11 Jul 2023 14:24:33 GMT
Location
https://ad.mail.ru/cm.gif?p=34&id=OtKR8EtQuH2r
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server
nginx
Timing-Allow-Origin
*
get-widget.js
api.flocktory.com/u_widget/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/u_widget/get-widget.js?body=%7B%22version-id%22%3A%22ebdd183f-8b1e-4b66-9c07-393e38b96eaa%22%2C%22locale%22%3A%22ru%22%2C%22site-id%22%3A%223405%22%2C%22campaign-id%22%3A%22605349%22%2C%22flags%22%3A%5B%22render%22%5D%2C%22params%22%3A%5B%7B%22key%22%3A%22campaign_id%22%2C%22value%22%3A%22605349%22%7D%2C%7B%22key%22%3A%22attach_key%22%2C%22value%22%3A%22campaign%22%7D%2C%7B%22key%22%3A%22attach_value%22%2C%22value%22%3A%22605349%22%7D%2C%7B%22key%22%3A%22motivation_id%22%2C%22value%22%3A%22%22%7D%5D%7D&callback=flock_jsonp_4
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
7673f69676d0b18fc2145faf83c142aaba32d5c46c63ae4d13de524e33d1f31a
Security Headers
Name Value
Strict-Transport-Security max-age=604800;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:32 GMT
Content-Encoding
br
x-envoy-decorator-operation
widget-public-api.production.svc.cluster.local:80/*
Strict-Transport-Security
max-age=604800;
Server
openresty
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
1056
get-widget.js
api.flocktory.com/u_widget/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/u_widget/get-widget.js?body=%7B%22version-id%22%3A%22d41d2545-f1f7-4269-aa5a-c19d1627f340%22%2C%22locale%22%3A%22ru%22%2C%22site-id%22%3A%223405%22%2C%22campaign-id%22%3A%22642706%22%2C%22flags%22%3A%5B%22render%22%5D%2C%22params%22%3A%5B%7B%22key%22%3A%22campaign_id%22%2C%22value%22%3A%22642706%22%7D%2C%7B%22key%22%3A%22attach_key%22%2C%22value%22%3A%22campaign%22%7D%2C%7B%22key%22%3A%22attach_value%22%2C%22value%22%3A%22642706%22%7D%2C%7B%22key%22%3A%22motivation_id%22%2C%22value%22%3A%22%22%7D%5D%7D&callback=flock_jsonp_5
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
0676cd9f4f7b27bdf265af2513dc4191fd77f04a429425616b03d6a613c49e44
Security Headers
Name Value
Strict-Transport-Security max-age=604800;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 14:24:33 GMT
Content-Encoding
br
x-envoy-decorator-operation
widget-public-api.production.svc.cluster.local:80/*
Strict-Transport-Security
max-age=604800;
Server
openresty
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
7
Connection
keep-alive
Content-Length
2714
/
684dd32d.akstat.io/ 		0
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://684dd32d.akstat.io/
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 14:24:33 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.flylevel.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Tue, 11 Jul 2023 14:24:33 GMT
cs
s.thebrighttag.com/ Frame 49AF
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Hij_4QKQqPJuXJ9wy4D8m5KPLjQ9TuY
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Hij_4QKQqPJuXJ9wy4D8m5KPLjQ9TuY
Protocol
H2
Server
3.129.79.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-79-137.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:33 GMT
x-bt-requestid
a7cd2780-1ff6-11ee-823a-0000ac1702cf
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Hij_4QKQqPJuXJ9wy4D8m5KPLjQ9TuY
date
Tue, 11 Jul 2023 14:24:32 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
2144207
content-length
0
v2
ams.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ams.creativecdn.com/tags/v2?type=json&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://12334432.fls.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://12334432.fls.doubleclick.net
access-control-max-age
3600
content-length
0
date
Tue, 11 Jul 2023 14:24:32 GMT
vary
Origin
custom-activity.js
api.flocktory.com/u_shaman/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.flocktory.com/u_shaman/custom-activity.js?body=%7B%22data%22%3A%5B%7B%22key%22%3A%22url%22%2C%22value%22%3A%22https%3A%2F%2Fwww.flylevel.com%2F%22%7D%2C%7B%22key%22%3A%22category%22%2C%22value%22%3A%22flocktory-precheckout%22%7D%2C%7B%22key%22%3A%22action%22%2C%22value%22%3A%22show-widget%22%7D%2C%7B%22key%22%3A%22label%22%2C%22value%22%3A%22477681-A%22%7D%2C%7B%22key%22%3A%22nonInteraction%22%2C%22value%22%3A%22true%22%7D%2C%7B%22key%22%3A%22utm_source%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_medium%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_campaign%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_term%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_content%22%2C%22value%22%3A%22%22%7D%5D%2C%22site-id%22%3A%223405%22%2C%22campaign-id%22%3A%22605349%22%2C%22label%22%3A%22precheckout-event%22%2C%22site-session-id%22%3A%22d7ae371d-b346-4d46-b088-a33c1d148cad-8%22%7D&callback=flock_jsonp_9999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
custom-activity.js
api.flocktory.com/u_shaman/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.flocktory.com/u_shaman/custom-activity.js?body=%7B%22data%22%3A%5B%7B%22key%22%3A%22url%22%2C%22value%22%3A%22https%3A%2F%2Fwww.flylevel.com%2F%22%7D%2C%7B%22key%22%3A%22category%22%2C%22value%22%3A%22flocktory-precheckout%22%7D%2C%7B%22key%22%3A%22action%22%2C%22value%22%3A%22show-widget%22%7D%2C%7B%22key%22%3A%22label%22%2C%22value%22%3A%22508870-A%22%7D%2C%7B%22key%22%3A%22nonInteraction%22%2C%22value%22%3A%22false%22%7D%2C%7B%22key%22%3A%22utm_source%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_medium%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_campaign%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_term%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22utm_content%22%2C%22value%22%3A%22%22%7D%5D%2C%22site-id%22%3A%223405%22%2C%22campaign-id%22%3A%22642706%22%2C%22label%22%3A%22precheckout-event%22%2C%22site-session-id%22%3A%22d7ae371d-b346-4d46-b088-a33c1d148cad-8%22%7D&callback=flock_jsonp_9999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.122.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-122-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
fledge-igmembership
fledge-eu.creativecdn.com/ Frame 2B77 		1 KB
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=p8jBOvAHrFpFvWJwY_pK_oWUpcdEBWUPUamSV19fxdex3s8tymnGT7KxpP2NmwalxVXo51Zw2poYLwbm0BImYg
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/UT041We7vofYjDufUefl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
5d27b428e23c27b91ad3f210f250e3b65de042ba4782d59ef6d1227e24b6f48b

Request headers

Referer
https://12334432.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
459
content-type
text/html;charset=utf-8
date
Tue, 11 Jul 2023 14:24:33 GMT Tue, 11 Jul 2023 14:24:33 GMT
expires
Wed, 12 Jul 2023 14:24:33 GMT
origin-trial
AiqqkrAUoJheeZkkH1jxmBePCDyeSQgKpYicTXM6Upqddw0wIqs6UzP2lTFcZ4sjYlt5J0Ogl291NVzxz68oTAYAAABxeyJvcmlnaW4iOiJodHRwczovL2NyZWF0aXZlY2RuLmNvbTo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjk1MTY3OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
vary
Accept-Encoding
topics-membership
ams.creativecdn.com/ Frame AB2C 		1 KB
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ams.creativecdn.com/topics-membership?ntk=wEB1yR-tIhv8KeC9N1FJCX93UEQ4rICBYQrJ8LlrldgEKdyMt6QFmaQqtZPQNj-BmsKQ0uW6MXCiUhcFbaO2HA
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/UT041We7vofYjDufUefl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
8a2ac4c25eefac87409469a7912c96fde957616ecdafe8f1cbd84c20c5e785e0

Request headers

Referer
https://12334432.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
735
content-type
text/html;charset=utf-8
date
Tue, 11 Jul 2023 14:24:33 GMT Tue, 11 Jul 2023 14:24:33 GMT
expires
Wed, 12 Jul 2023 14:24:33 GMT
vary
Accept-Encoding
setuid
ib.adnxs.com/ Frame 8ED5 		43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=315&code=ipoS438KMRH0SlOWB3dX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12334432.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:33 GMT
an-x-request-uuid
78b82fe2-eb81-4399-87fd-48d04ce05c17
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.28; 217.114.218.28; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1918798068340983&ev=Microdata&dl=https%3A%2F%2Fwww.flylevel.com%2F&rl=http%3A%2F%2Fwww.flylevel.com%2F&if=false&ts=1689085473637&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&a=tmgoogletagmanager&ec=1&o=30&it=1689085471883&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 14:24:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=2692&i=54qzil&p=level_production&s=36504&d=8ER7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTIzIiwiY2xpZW50SWQiOjI2OTIsInB1Ymxpc2hQYXRoIjoibGV2ZWxfcHJvZHVjdE0AoCwiaW5zdGFuY2UzAPAUIjU0cXppbCIsInBhY2tldCI6MSwibW9kZSI6Im9ic2VydmVjAPAOb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJFbmduAPAJIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0cgDwAzoiaHR0cHM6Ly93d3cuZmx5bJQAsS5jb20vYXBpL3N0JwBwcyIsInR5cHkAwGZldGNoIiwic3RhcpIAwDY4OTA4NTQ3MTMxNIAAR2QiOjEUAIA2LCJzb3VyYzsA0kZFVENIX01BTkFHRVJDANF0dXMiOiJhbGxvd2VkqABAYXNvbqcA1F0sImRhdGFQYXR0ZXISALtsaXN0IjpbXSwiaWgAPzR9LNkABYFiYXQuYmluZ9UAAA0AF2rPAGJzY3JpcHSNAAvQAC4zOdAAJzQx0ACwaW5zZXJ0QmVmb3KJAQAsAQHPAFtibG9ja88AYSJXaGl0ZcAAD9oACQonAAvlAC8zOeUAB-FkeW5hbWljLmNyaXRlb-sA9gRqcy9sZC9sZC5qcz9hPTk1Mzg3xwEP-AAILzQy-AAAGTP4AHJuZXJIVE1MNwECxAEP9QBFLzQy9QBTHzP1AA4P7QFbLzQz-AAHAMUCD9ICIS80N-UAABc32gEibXXwAxJPXgQvckPjAVMfN-sABw_YAjkP_gCfAFMESmljbXOZBfYAMTA0My9iY25fZW4uZ2lm1QMyaW1nkwMLygQuNjH4AQAUAAWaBQDNA_IDSW1hZ2VfU0VUQVRUUklCVVRFTAAC3wMPowUvLzYx5gEHD-gABhAx6ABPLW1ibOwAvQrSAQF8AZFzL0hlYWRlci-DB_AALWxvZ28uc3ZnPzU0MDkyYQgDggcP5gEELjQwuAUBFAAP5gFZLzQwrwUIAuYBD_oAAv8ESWNvbnMvZmx5LXRleHQtaWNvbvwAGw6_BSg0MLQGD-ICUC80MLMFCPEJcmVnaW9uMS5hbmFseXRpY3MuZ29vZ2xlqgf1QGcvY29sbGVjdD92PTImdGlkPUctR1lLWE1DTU0zNCZndG09NDVqZTM3YTAmX3A9MzE4MjkzMjM3Jl9nYXo9MSZjaWQ9NzEyMzk1MTk2LjF_CfAQJnVsPWVuLXVzJnNyPTE2MDB4MTIwMCZ1YWE9JnVhYgUAMGZ2bAcAMG1iPRgAEG0MABFwBQAQdgYA9gV3PTAmX2V1PUFnJl9zPTEmc2lkPd4JQCZzY3QVAIFlZz0wJmRsPUoKnCUzQSUyRiUyRlAKYSUyRiZkciUADyQAC_ANdD1MRVZFTCUyMCU3QyUyMEFpcmxpbmUlMjBUaQcL4HMlMjBhbmQlMjBGYXJlDgDwAC0lMjBTZWFyY2gmZW49cMgE8AB2aWV3Jl9mdj0xJl9uc2kHABBzwgAxZXAuIAAATAP1Bz1ob21lJmVwLmNvbnRlbnRfZ3JvdXAWAAEoALNsYW5ndWFnZT1lbioAA_kLoF9pZD02NTYzMzNTAQBFAPAAdXJyZW5jeV9jb2RlPUVV4goAZgDSIjoic2VuZEJlYWNvblMFCp8FLjQ3aQoBFAAFuQOvU0VOREJFQUNPTj4LAQ96CUQvNDdvCggAywP_BXMuZy5kb3VibGVjbGljay5uZXQvygIMH2OpAgUJ4wJWYWlwPTHWBg8-AQwtODDdBhA0FAAPPgEUD9kGLj80ODDZBgcABQMC6QOidGFnbWFuYWdlcvMDfHRhZy9qcz_sAyBsPfYMp0xheWVyJmN4PWMHAQ-qDAceNHoNNzQ4OdgJD6oMBT9sb2F2DSkfNHYNCA_6AFQO1AkK-gAP0goLDwABLQ-5CggAIgMPuwkCD9MIIA7dBjc1MjLfAQzlABJBZwQCugkP5AAsHzbVBggC5AAP0QdDHTXWAw_0AFY_NDA10gMH8QBuZXh1cy5lbnNpZ2h0ZW7NA3J2dWVsaW5nuQkH0BERL6QR8hdyQ29tcG9uZW50LnBocD9uYW1lc3BhY2U9Qm9vdHN0cmFwcGVyJkwBIEpzGxIfPWUAGgBwBiMvJloScGVkT249VHUuB_ITTm92JTIwMTUlMjAwNjozOTo1MCUyMEdNVCUyMDIwMjImQ50SIEQ9nBJxJlBhZ2VJRKAHH3OhBwkPkgQSLTg2vwEoNzGQCQ-SBEQvODa6Af8vDo0ICroBDG0ECiQQD24ELB84dAgIBlIGFi1GCwCpFBdqPwu3MSZfdj1qMTAxJmEoCxF0FQoCFAoABgoPrQoSBT0Lr2RlPVVURi04JmSbCiqac2Q9MjQtYml0jgsndnCbCyBqZXILsHU9WUNEQWdVQUJBAQDwBkNBRUt-JmppZD04NTA2NjgwNTImZw8AnzczMzU4NDY1NAIMBwBNDPYOVUEtMTA3NTA1MTIxLTEmX2dpZD0zMTQ0MjY4NDgvDIMyJl9zbGM9MXAMEUhwDOJuODFLRlQzN0RNJmNnMRwLMGNnMg8LQmNkMTkIAC8yMDcED08mY2QxpQwDxno9MTA3MDk2MzQ5NF0EMnhocsYGCi0LLjcyGQYBFAAF7wk_WEhSJgsBD-gJLi83MhYGCA-cAv__iwBaCA-sDQEGNwVRdD1kYyZ2DWEmX3I9MyY2DwNHBQ9BBAAPxg0GAJQED6MEBg93BAgL8AQRR_AEABcEdzY1NzE4ODYNDg8XBAYPcQgAGDJ9Gg8XBEcPcwgID3sB_2kPkgUGBjwIDwgcFQ9yBgEINhkPzApEHzNwBggJAhoxcC9hPx6_LzE0OTAxNzY1Ni7bABMvNzbbAAAAFAAFTQcAnAxgbmRDaGlsKBAAzwIP4hxJLzc28wD_CQPkAVUwP3RpPekB8SomdG09Z3RtMDAyJlZlcj0yJm1pZD1lZjE3ZTRjNS00ZmU1LTRkYjctYjE0NC1mMmE3ODIwZGI4NzjLFfUdYTZlN2EzMzAxZmY2MTFlZWFjZWU3YjNiZGRlNTQyZDkmdmlkPWE2ZTgwNWMlAPABOGUyNmFiNTQ4N2I4MTE2NyUAAFQL0G1zY2xraWQ9TiZwaT1oFpAxMDE1MjUmbGeEFlFVUyZzd-kKMSZzaB8AnyZzYz0yNCZ0bO8VKR9weQoQD3QWEKJsdD0xNDExJmV2KgxgTG9hZCZzBwcgcm46HyAzNc0hA84VD4AZBC43N2YbARQABU0DD4QYDw_LFUQvNzd8GwgPSwQ0Hjd-Gig3N_IPDzgOCw_6AEYPkBoICfoAD18D_5AOBhUPYQJyDyAVCACECAlTJf8kRTdHS3RzL3MyX3pjL1lSOWJNLzhBL2FPbTlKMFFjSkovQ241MFhRL1VHOE9LL1c0Y0l4Ew8PLjg1eQQBFAAFeQQP_ApFLzg1WAQID_0A6jhndW2LJfwCc3luY2ZyYW1lP3RvcFVybD0dAfAOJm9yaWdpbj1vbmV0YWcjeyUyMmJ1bmRsZSUyMjoOAAIgAAAOAIAwLCUyMnZhbOQVcDI6bnVsbH0SACBjdx0AQHRydWUOAGBvcHRvdXQSAA89ABIGXgAyJTIyhAAwJTIySQA_c2lkRgAWIXRsLAA4JTIy9QIDSQAC-QAATAA8JTIy_wADJAADWx0DJQBjNV8xNl8xGwAwaWZhFwAPzgASKWxzDAEgcG06ACYwfVwSIGlmjAEPXxIBLjg1SA4BFAAFTAMPEgtbLzg1Xg4ID2UC_____w8tNjiDGxA4FAAFygQPkQtiPzg2OKIbB_IAY29ubmVjdC5mYWNlYm9vUyLvZW5fVVMvZmJldmVudHPaEBQQMwIiKWVuJS4QOJUcBf4AD7URRA8NIg0IGgfwBy9ha2FtLzEzL3BpeGVsXzE3ZjBiOTJLLgNqDg_tFAQvODnxCQAAFAAF3QAP8QlGHznxCRkP3wC_sGNsYXJpdHkubXMvwCM2dWV0dBMGXwgPXC8HLjkyugEBFAAFugEPlwIFDyAPRC85MtEBDA_yAC8Otw0vOTIYEG4vOTK3DQwH-ACEcy8wLjcuOC8TAA9cFRI9MjA5myQCFAAP6wFkAH0AD3oFBwCRCwTgAD9tcy_zACUNPCA4MjA5iCYPcwZhAIMAD_kAB5hzc2x3aWRnZXSvDQFrBgQ0M_ANJnY9NS4xNi4xJnAwPWUlM0RleGQlMjZzaXRlX6gFcSUzRGQmcDEbAFF2aCZwMgoAsmRpcyZhZGNlPTEmyQ3woj0yaTFzMGw5NlRtaHRlSEZXTjAxTlMwVkhVMkpSUkc1UVRFNTFWMnR0YjNwTFZFZENlVEJyYTBwUVpqbGthMDlzVWlVeVJreGFTbmRhZVhoeFdXaGFlVlpJWVNVeVFtVTRjV053YVc5RmVuaFVVeVV5UWtWSllYZDNUbkpTWjNVbE1rWlRUSGRrT0hadVpsTk1UamhVU2xWbFNGUXhhbHBWSlRKQ1RFZFFaVXByZEU5UEQA-CxSamRGT0RSa1RESXhaamxOTVhWMFRYWWxNa0kwYmt3emVrTmxWbkpFYWpWV2R5VXpSQ1V6UkEmdGxkPekGgyZkeT0xJmZ1rRUgMjUkLBA1JiwfNSgsAVI1MkYmcC0AHyUsABEgY2WMK_ATNDdiMjgyZC0yY2VhLTRkYzUtYWU3MC00MDUzYjIxYmViNMEhr3ljYnI9Nzg4MDawBRAuMjFULwIUAAXFAw8PDloAfAAPywL_____9g3wLk8yMTA0ES0ICqQoD0wLQwCDAA-dBQcP2w4C8BBzaWduYWxzL2NvbmZpZy8xOTE4Nzk4MDY4MzQwOTgzDjTnLjkuMTExJnI9c3RhYmwcDg9lDAcvODgfAQEIhwkPZQwFD70pKy84OA8wCA8AAVoNxBU4MjEwAAEPhwoLDwYBLQ-yFQgAZwsIGQkfLxEaQT4yMjN7DAEUAAW2CA8gEEQAegAPAwMHD_0A6idyLl8NA-43BoIKD-kRAz0yMjTcNAIUAA_JAQ0P4gRELzI06zQID-IAzw_BAlQdOCQSIDIyFAAP9QEND-IsLQBmAA--A24A6QAKuBUAlwAH2wcPuwRGHzgKEwjwAGNkbi5xdWFudHVtbWV0cmhDQm9tL3GEByNzLxsAES25PQ-iFhUO9jk_MjMzX0QRD6AGKx8z1zkJUGFwaS5mvkRCdG9yeds0IDIvcAAgZXJGRAH0EAA9MDY0MDW9BAIGAQ9OHQA-MjM4iQYBFAAFywIvaW5LRAAPyQIuLzM4mTcID4o9Qw8ULQYFRjIPgz0tAoQ9ETK5Jw-EPY4gdGWwClBfcG5yczc9AUs9AC0TAkEyAC49D3M9QlcmX2V0PTIjDzs8Cj4yMzkpCwEUAAWfAg95PWEAlwAPhwUHD74CpBFZQUAfM70CkwAoNgDGOSBtbyNL8AomcHIxPXBpRU5fSkZLX0JDTl9IT01FfnBuBwD8BF9ERVNUSU5BVElPTlNfRU5-Y24pAHJscDEmcHIyQwA_TEFYQwATCSkAcmxwMiZwcjNDAD9TRk9DABMJKQBybHA0JnByNEMAP0JPU0MAEwkpAD9scDPMA14nOTB5Kw_OAw0N8R5HMjM5ODsID84DZA_xHggPzgOkAosGHzTOA5MBfAYAxAgyX3Rp70MBEgAPjgZRQGVwbi56ADFpbmd9AIFfc2VjPTIuNKcGFzJCCQ8gRAkRMsVHCxQLARQAD6cGaw_rRwrNMTIzMzQ0MzIuZmxzJUQAay2kdml0eWk7c3JjPSsAETuSAQFDC_IPO2NhdD1ocGdfbDA7b3JkPTkzMzU3MTQ1MzQwNjQ7LEQCnzr2AzthdWlkZGM9MTU4MTQ5Njc0N9A68AMxO3UxPVBhJUMzJUFEc0RFO3W3OhA7_kYQO_5GMDt1Yf5GUDt1YW09BQBwYj0wO3VhcAwAIHB2BgCTdz0wO35vcmVmuBoAthoP2kYEFj_NAQ9dKAY-MjQwDwsBFAAFyQEPmRILD9YPRC80MC4LCAD0DgLBRAt1Pd9wbHVnaW5zL3VhL2Vj9AwTPjIzNiEeEDTROwUBAQ-aFEIAeAAPUgkHD_QMPAHRAQyuAwnkAA_lAQsAMAQPCVMmAGMCD-oABw-iESIuNjIlCxk20AAPkg8ED64CRC82MmYWCA_iACQNBjc4MjYy4TcP4gBdDwY3CA-uAjwBjg8LrgIoNzOfIw-SA0QPog8JD-QAApRwcm92aWRlci8JAEAuaHRtHFcANwY_IjoidwUHLjcwEBgQN5oQBXYED8UfBA-LAysvNzAJGAgP4wA9D6UDAArjAA91BEkfN5MDCQ7qAPALdW5kZXJ3b3JsZC90cmFja3MvdWx0aW1hdGVkErBib2R5PSU3QiUyMgpLMCUyMo1GARAAADgII29uEgBQMjJzZXOCWQLQTUB2aXNp8DCQJTJDJTIycGF5vQEDKwABPQBgcmVzb2x10Q0DFgAlMjISTwASAAE4ABBnZTAFcABgdXRtY3NyHQAA-gcQMgkAASYAABgAFmOIAAkYABBtAzEAQgAWMjAAIGhfMgAPSgABAhoAD0wAAQIaAAtOACI3RN8AMHVybHUAAZYAD3VPDgAqAAQ5AFBsaW5rcxEAIjNBYwEA0hMCEABwMzQwNSU3RAMAAeUAABoAEy1jAREtBTIC1gDwF2Q3YWUzNzFkLWIzNDYtNGQ0Ni1iMDg4LWEzM2MxZDE0OGNhZC04VADBN0QmY2FsbGJhY2s9VRS3X2pzb25wXzk5OTkvCQ-0VAI9Mjg2UDgCFAAFtQMPTjkPD0gULi84Nj44CA_ZAgDgX3NoYW1hbi9zZXR1cC0hADdqcz_RAgBUARZJIQIBcwEAKAIAswIgdXSnMgBkAQGvAgLnAABHAQHmAQAJAAGXAVRtZWRpdSoAADwAEjITAn9jYW1wYWlnlgIAP3RlcjAAAQKAEwBYAAVhAAQmAgCnAA_7AUMHyUEPNhYHLjcyJgo3ODc1yQ8PsAVDHzJ8SAgAzAEBxAIFGRcfde0B_zUA8xgLgQgK7QEPugZKHzP1GQgP9AH_Ry84NdwFAAnhA21yZW1vdmV3QgDUBw8cDScvODXOBQjwCXRvcC1md3oxLm1haWwucnUvY291bnRlcqFT-B8yOTUxMTA3O3BpZD1jOGQ5NzA5MC0xYTczLTRkOTQtODUxOTVkODMzMjJhMzIzqlkPaDgFPjI4N60UARQAAvgFABRhP3BwZXpDVgCQAA84DgcPHAH_ClF3Zi5mckwH8QVkLndlYm9yYW1hLmZyL3N0cmVhbdkzQC8_d2GXQ5M3NjI5Jld2YXLfCgVQBhdfXwkPYAIQALQHUDdEJmQu1FkDfmMAwQEHVAkPeAIID1wHAQgcJQ9cBwQPzg9EHziOHgkPXAH_SpB0YWcucnV0YXL7MCBydc80ET_3MBA9rD6CJnBhcnRuZXK4CwD0CDAmZXiIZTFhbF9qDSBvcgBbD60CEA-VAhIOrTcgMjgUAA8NBWUPxTcJDzkB_ygPYgdcHzhlCAAAFAAFVQIPWQoLD_EERR84hQgID_EEnQBPAQy8CwAUAA9jAYgPvwN7D6MCn_YENjg0ZGQzMmQuYWtzdGF0LmlvL-MFD8cqBB84CzkAARQABSgCD2EXBA_BES8fOdsaCA_LACMPuAsACWUgD8sARw9IIAgPqw4BAV8KA44S-wUtcHJvZmlsZS1jdXN0b20tbWV0YW0VAfURB4kKCZ0SADAAAHcKBDcUABZjAxAAMTIyZXUSDz0STwgKIg8MYQUgMjh0TAuUBBk5CVQP4QoED1wOLB83UDwID54B-Q5rGwqeAQ-VBwsPpQEtD1kbGi91X0MDvgh0Ig9DAwYQOd4dD0MDCg-fEUIfOWBbCQ9DA_kOkB8oOTfqWA_hBEQPdx8ID54B9xA5xxQMPAMJngEPPANDHzfaBBwDqRoDDwgAWR0AkSULEwgHgB0iNUIwHDVrZXn4BwOGHAGXGgSQTgDAGi8yMpQcGAHtGghWAHFjYXRlZ29yZwAPWwAAAZMFAJEQki1wcmVjaGVja-hOA7gcDU8AANsAAjQeD00AAFJzaG93Lf9BANYAAsMIDUMAQWxhYmVwHQ9CAACPNDc3NjgxLUE_AAhAbm9uSUoWD4oACgC4Tw9EAAhCdXRtXy0LACUAD4gAAAAXAA-_AAQAPAAGNhwPPAAfCFocDz4AHwR-HA86AB8DlW0A2gAPPQAHEzUSHw--CgoEwgAIxx5lNjA1MzQ5XQAF5AEBDR0HWwIRLRUTBSgAAWgADxYfZj0zMDBACQIUAAIdAj8iOiIWH08AcQAPLBgHDwsGAQJiA0MvZ2V0bQMLaAQD91EInwH1FWQ0MWQyNTQ1LWYxZjctNDI2OS1hYTVhLWMxOWQxNjI3ZjM0MJUBQWxvY2EqUwJ-BCVydRoAAa8BD9UMBQ8XAgJVNDI3MDZAAERmbGFnMCEQNZMiIHJlvSIAIAAEegJXcGFyYW0kAA0_BARnAAPmFw_MAgAVNnUAD8MDBHNhdHRhY2hfJwUPQgAABGQAAJkAD0QACwWpBQ9GAAAPiAAOABExEXYRfA_NAAcDgwAQNUoiDwAiAw87NhIBrU0KSQcgMzDJJQXqAg_nCEMPQWoJD9wC__85DUUSC9wCDwYPSh84SRIcD78FIPEUZWJkZDE4M2YtOGIxZS00YjY2LTljMDctMzkzZTM4Yjk2ZWFqJwGFBA-_BTkK1gcPvwVUBXUAD3sFCw-_BU4PiAAND78FMwhfOQ9EEAcAj1IPvwUKDwgNQw-gUgoPqx-aPzMwMCYEAQjQNg9DAQQPuhpDAJAAD_cJGw9kDv82bzUwODg3MGQOL0BmYWxzUF4PKw8FACkOAl4JAMQJAZsFBS4KARcNABcAD-MEBAA8AA9lDv8BBdkLAU4BD2UOlR8zeQQAABQAAh0CD2UOVB8zpghPD2UO_-4gMzDmNQymCAnqAg9jBwQPiBoqAHcAD0oHBw9tKVsgMzETXgsDARAxpzkF7QMPAwEED2YIRB8xIF4JD70heD0zMzWcSwIUAA85AV7AMDg1NDczMzUwfV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:33 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 11 Jul 2023 14:24:32 GMT
level-home-critical.min.css
static.flylevel.com/content/ Frame 904A 		39 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-home-critical.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
d9e36985f344f575a2ccd91d54232f0464c5ff2382af3a52dc89ab4b7ef5a27a

Request headers

Referer
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:33 GMT
content-encoding
br
last-modified
Sun, 09 Jul 2023 06:32:57 GMT
server
Akamai Resource Optimizer
etag
"eadcb0891590fdee97c9ea8f76167023:1688541391.361088"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=40934
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
6051
expires
Wed, 12 Jul 2023 01:46:47 GMT
searcher.min.css
static.flylevel.com/content/ Frame 904A 		47 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/searcher.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
287caea6675492bd9f370299444cbfdada45b489fe06a480e9a50f3fab5ccaae

Request headers

Referer
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:34 GMT
content-encoding
br
last-modified
Wed, 05 Jul 2023 21:44:42 GMT
server
Akamai Resource Optimizer
etag
"103378b8b2f13b271b90f38bb73632d8:1688541394.589278"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=53447
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
7058
expires
Wed, 12 Jul 2023 05:15:21 GMT
collect
r.clarity.ms/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.flylevel.com
Date
Tue, 11 Jul 2023 14:24:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
level-fonts.min.css
static.flylevel.com/content/ Frame 904A 		79 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-fonts.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
749ce835e5b2ee4528011092e9c2c39dfdc4ae79b57cffa4ac8922c1fd7eb7ce

Request headers

Referer
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:34 GMT
content-encoding
br
last-modified
Thu, 06 Jul 2023 23:49:23 GMT
server
Akamai Resource Optimizer
etag
"1629483344127cd1c768260cbea4e74e:1688541391.153747"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=76411
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
7633
expires
Wed, 12 Jul 2023 11:38:05 GMT
level-critical.min.css
static.flylevel.com/content/ Frame 904A 		107 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-critical.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
db8df7be5ed2fb16f60c3f23393cea4f707d112e93cc2382408d5878e25f4e16

Request headers

Referer
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:35 GMT
content-encoding
br
last-modified
Thu, 06 Jul 2023 09:21:24 GMT
server
Akamai Resource Optimizer
etag
"e5ab471d5d1e50bb934b65a9cd0ac1d8:1688541390.514004"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=24943
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
13337
expires
Tue, 11 Jul 2023 21:20:18 GMT
level-styles.min.css
static.flylevel.com/content/ Frame 904A 		288 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.flylevel.com/content/level-styles.min.css?540920
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:799::2c9e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
b9cf6fe7f3b64bfb21805802a767596497882bc2dc93143a99ae7b7570aca96d

Request headers

Referer
Origin
https://www.flylevel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:35 GMT
content-encoding
br
last-modified
Sun, 09 Jul 2023 08:02:40 GMT
server
Akamai Resource Optimizer
etag
"e9da8ce2a1b3ee8d56c00448312d5540:1688541393.103416"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=46496
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
36688
expires
Wed, 12 Jul 2023 03:19:31 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=2692&i=54qzil&p=level_production&s=640&d=8ER7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTIzIiwiY2xpZW50SWQiOjI2OTIsInB1Ymxpc2hQYXRoIjoibGV2ZWxfcHJvZHVjdE0AoCwiaW5zdGFuY2UzAPAUIjU0cXppbCIsInBhY2tldCI6MiwibW9kZSI6Im9ic2VydmVjAPAOb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJFbmduAPAJIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0cgDwFToiaHR0cHM6Ly9yLmNsYXJpdHkubXMvY29sbGVjdCIsInR5cHAA8At4aHIiLCJzdGFydCI6MTY4OTA4NTQ3NDcwNHUAHWQUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDRdHVzIjoiYmxvY2tlZJsAQGFzb26aAPEJIldoaXRlbGlzdCJdLCJkYXRhUGF0dGVyHQAxXSwiGgAqOlsnABxpfAAvfSziAMTAMDg1NDc0NzA0fV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flylevel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:36 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 11 Jul 2023 14:24:35 GMT
/
level-app.quantummetric.com/ Frame 904A 		90 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://level-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.flylevel.com%2F&t=1689085472573&v=1689085476384&z=1&S=0&N=0&P=0
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.246.102 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.246.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
751c9331a1b87e1a99b4bedd5d793d67273c19dfb6868f34f040b1a645db7cda
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jul 2023 14:24:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x-robots-tag
noindex
/
level-app.quantummetric.com/ Frame 904A 		0
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://level-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.flylevel.com%2F&t=1689085472573&v=1689085476386&z=1&Q=1&Y=1&X=f797d78c51a949da21b7aac0b5fc5a12
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.246.102 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.246.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jul 2023 14:24:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
/
level-app.quantummetric.com/ Frame 904A 		28 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://level-app.quantummetric.com/?s=9fc598efb648a25ecc1303ede9c026b3&H=3216d2db2dca59ef2a305a3e&Q=3
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.246.102 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.246.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x-robots-tag
noindex
/
level-app.quantummetric.com/ Frame 904A 		0
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://level-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.flylevel.com%2F&t=1689085472573&v=1689085476521&H=3216d2db2dca59ef2a305a3e&s=9fc598efb648a25ecc1303ede9c026b3&U=98848bed141e835ece4de3904bf2a05f&z=1&Q=2&S=0&N=0
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.246.102 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.246.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jul 2023 14:24:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
/
level-app.quantummetric.com/ Frame 904A 		0
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://level-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.flylevel.com%2F&t=1689085472573&v=1689085476553&H=3216d2db2dca59ef2a305a3e&s=9fc598efb648a25ecc1303ede9c026b3&z=1&S=5801&N=101&P=1
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.246.102 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.246.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jul 2023 14:24:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://www.flylevel.com
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GYKXMCMM34&gtm=45je37a0&_p=318293237&cid=712395196.1689085471&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&sid=1689085471&sct=1&seg=0&dl=https%3A%2F%2Fwww.flylevel.com%2F&dr=http%3A%2F%2Fwww.flylevel.com%2F&dt=LEVEL%20%7C%20Airline%20Tickets%20and%20Fares%20-%20Search&_s=5
Requested by
Host: www.flylevel.com
URL: https://www.flylevel.com/static/5e6143f0985380dbe0056f634020b2f8b7490013008656
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.flylevel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 14:24:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flylevel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| Animation boolean| credentialless object| onbeforetoggle object| onscrollend object| nca object| dataLayer object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart string| bazadebezolkohpepadr object| searcherResources object|  $$__itats/moc. number| ___dm function| ___dto function| $ function| jQuery function| cash function| anime object| M object| Waves object| google_tag_manager object| google_tag_data object| google_optimize function| postscribe object| google_tag_manager_external function| create_UUID function| toQueryString function| isEmpty function| filterObject function| filterArrayByKey function| associativeArrayToArray function| toBool function| removeAllEventListeners function| post function| log function| removeDiacritics boolean| ko object| level function| Globalize object| GooglebQhCsO string| url string| keyToFind undefined| valueFound object| _cf object| bmak string| _sdTrace number| BOOMR_configt object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway string| urhehlevkedkilrobacf function| moment function| DatePicker string| GoogleAnalyticsObject function| ga object| flocktory function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| Criteo object| criteo_q string| deviceType object| ueto_d5b39b2e23 object| uetq function| clarity function| gtag object| clarityuetq function| QuantumMetricInstrumentationStart object| QuantumMetricAPI number| BOOMR_onload function| qmflate function| _QuantumMetricSymbol function| flock_jsonp_1 object| regex function| flock_jsonp_2 function| flock_jsonp_3 function| flock_jsonp_4 function| flock_jsonp_5

88 Cookies

Domain/Path Name / Value
.flylevel.com/E7GKts/s2_zc/YR9bM/8A/aOm9J0QcJJ/Cn50XQ/UG8OK Name: device
Value: desktop
.flylevel.com/content/fonts/icons Name: device
Value: desktop
.flylevel.com/akam/13 Name: device
Value: desktop
.flylevel.com/static Name: device
Value: desktop
.flylevel.com/api Name: device
Value: desktop
www.flylevel.com/ Name: _userctry
Value: DE
.flylevel.com/ Name: device
Value: desktop
.flylevel.com/ Name: bm_sz
Value: EE25ED4E3EE44E347164F86372B65362~YAAQnKEkF1PnWkOJAQAAseNWRRTIL5PRmdbPdqhRg6o7DrtrLtFk9JjKln62nOWNyZifHKNUBVusN/kVfor8bwZDKDX5xTCeuOho+Oh3C6foXwocYzV9IlekenjHgnCy0HrZ5032od32NLQnWJKdeNZtFCfDC/lcNYmhzActLplj+ikpH5Xt+APM5YZN/x51mg/ZXBZ78syGoot34ZPvUH88iVQh9Ina29HpeP2bz2VksTW/D2GzWRa4seVvLAZwchQcDEONjjIFWv08t0U6q0TduRGbQcz/4RZQkt4+mzjrk/Y8ag==~4470337~3223621
.flylevel.com/ Name: AKA_A2
Value: A
www.flylevel.com/ Name: CurrencyCookie
Value: EUR
www.flylevel.com/ Name: ASP.NET_SessionId
Value: crislib2kq2azvaxnkk3cevp
www.flylevel.com/ Name: CultureCookie
Value: en-GB
www.flylevel.com/ Name: __RequestVerificationToken
Value: 4iaCv1P8L46W4mmIh1rVrC5ULVPny4-FTJbkksxIWT2XWMMcV-3il0LsSmO5rnPjtkC8R4yaLWNR-QjXWQk1xnqE8QA1
.flylevel.com/ Name: bm_mi
Value: B2D8FB5F1AE1283EB6E4EF51CC3892AD~YAAQnKEkF13nWkOJAQAADuZWRRQ70GJd5+eUecEyeItCSqVtEtIkuzDOHyvpcGsqEe0oVF1ciKqHln0HrmVQ+c6uodvQFvNxBI8+/E1sgKbA2d1bYemUu/1qIUwDvc2WQmcRutNKWd9GfriF+T/F9oAVxMh3kJWA1CaGeqyKEDhevZBiR384tjKrq07dygnWQK6Fxnm8/fAV7kiYRHPz1fDRPnkyqHRE4TgtfXvdFez9wDcGliUZ1Imnz0N55XSy55db/mpw5eFaMoCFFc0FHoW3DgTAUhEVBXS1kqQPmqNvUm6nLR0/X8HeQfDlhd8=~1
.flylevel.com/ Name: PIM-SESSION-ID
Value: ZLgQX6IQjhpLovWb
.flylevel.com/ Name: _gcl_au
Value: 1.1.1581496747.1689085471
www.flylevel.com/ Name: AWSALB
Value: RM8EqL+V3QmGvfzCJ5wCeQok0nnDkZj1xgbiAqCYern36oXyyXEsjYkI/HoprutsYtvF69q0BNe5kb4C6H4u6jugivKEBzoFX2/e1xO/dDgtYozxOdqnKktjvIBt
www.flylevel.com/ Name: AWSALBCORS
Value: RM8EqL+V3QmGvfzCJ5wCeQok0nnDkZj1xgbiAqCYern36oXyyXEsjYkI/HoprutsYtvF69q0BNe5kb4C6H4u6jugivKEBzoFX2/e1xO/dDgtYozxOdqnKktjvIBt
.flylevel.com/ Name: bm_sv
Value: 3D75517BDCFB9093B6D58F8F4B208FB3~YAAQnKEkF2fnWkOJAQAAyupWRRTL4ZGB88yUO7H0GXKKmfaNpsdGmawTDa3WZ9CuCvgSBiqILUeGreKOrDR79/NUnL9GGBml5ctB3cK4tSU1mXVkkw8sVrgVWuieTT2Prp8H0iKvjj9ZXVeFtKaZoWLcbeuR5Qr4C4otlGZaemsmNkbAL+niYjaJdJI4VUyMlfogMd2IxA1xQfpm4pbDBp/ZnTtSi1a3Z1I22TzhTh0S36QPzuqnmyfTSf005gZK0wjw~1
.flylevel.com/ Name: _ga
Value: GA1.2.712395196.1689085471
.flylevel.com/ Name: _gid
Value: GA1.2.314426848.1689085472
.flylevel.com/ Name: _dc_gtm_UA-107505121-1
Value: 1
.flylevel.com/ Name: _uetsid
Value: a6e7a3301ff611eeacee7b3bdde542d9
.flylevel.com/ Name: _uetvid
Value: a6e805c01ff611ee8e26ab5487b81167
.bing.com/ Name: MUID
Value: 39C98F21FA2C6AC507C19C6AFB806B9C
.criteo.com/ Name: uid
Value: 9b0f0423-b2ee-46eb-bd80-7cf96f59dc58
www.clarity.ms/ Name: CLID
Value: f20019fc50c442cc88e5d1d9c03cdf3b.20230711.20240710
.flylevel.com/ Name: cto_bundle
Value: 2i1s0l96TmhteHFWN01NS0VHU2JRRG5QTE51V2ttb3pLVEdCeTBra0pQZjlka09sUiUyRkxaSndaeXhxWWhaeVZIYSUyQmU4cWNwaW9FenhUUyUyQkVJYXd3TnJSZ3UlMkZTTHdkOHZuZlNMTjhUSlVlSFQxalpVJTJCTEdQZUprdE9PUyUyRjdFODRkTDIxZjlNMXV0TXYlMkI0bkwzekNlVnJEajVWdyUzRCUzRA
.flylevel.com/ Name: _clck
Value: oyzbu2|2|fd7|0|1287
.flylevel.com/ Name: VUELING_ENSIGHTEN_PRIVACY_BANNER_LOADED
Value: 0
.flylevel.com/ Name: RT
Value: "z=1&dm=flylevel.com&si=992e8013-548c-48d4-890c-ff83802970da&ss=ljydvlsb&sl=1&tt=1u9&bcn=%2F%2F684dd32d.akstat.io%2F&ld=1ub"
.flylevel.com/ Name: _ga_GYKXMCMM34
Value: GS1.1.1689085471.1.0.1689085472.59.0.0
.flylevel.com/ Name: _abck
Value: 83BA2242E24736F641AD117B3FAE7D01~-1~YAAQnKEkF23nWkOJAQAAt+5WRQo0wnCKk9qB5o8ixgxLCQGw2U9FINSAaI/gg7x+f/BKsP3rB6SdZU7bssg2+pmBdWRK+Fz14TI5/CM/NRJ76XYDPgHVIGnyXzj733adwazhP2dKHMnxKTVid5qjehAAMHCOviLbICujO2eXjQt4UBbmiEuTE2QWZUBMwAd2X8i7KijgLI1KcfmQACuh/bxk3B7sUo4K6zVqgSJKhfItX6fIFQNyX9BzwQtQhXAcAO1xq133kDDDr9U2EQYmi/abj67LPTgl2eHXGaZdDd+ovMZ8Vg8acPpX+v3Fr79ucXXUE2TeC5vQ/+lns8W83U5UbL2kIHu/ETjJjNWgelBQWKUiBzk98MHBdf/BKi83ptIZcaVfl3pbqevc~-1~-1~-1
.bidswitch.net/ Name: tuuid
Value: 9746a038-d482-4c6b-a204-de31338b3648
.bidswitch.net/ Name: c
Value: 1689085472
.bidswitch.net/ Name: tuuid_lu
Value: 1689085472
.doubleclick.net/ Name: IDE
Value: AHWqTUkYSlUKjUjBXJeoaOPqpKvUzOkddVOLJegfjQNRYXpOIaESRI3lQGVBOn-YAQg
match.sharethrough.com/ Name: AWSALBCORS
Value: A7xRY6rP5M4MidxPRT09J6O7l47P4OKGtxzSicj7a+/TQLPZ9fJgvNq4DfHyQzvQi1snAe6COBrWJnLC8k2FRIDAEx0DPpY/R7FfMZWQ95TL+lgA1HinpzONZ20p
.media.net/ Name: visitor-id
Value: 3320870728281210000V10
.media.net/ Name: data-c-ts
Value: 1689085472
.media.net/ Name: data-c
Value: k-HXLBC9snx2F3PcCB62KWzCff86oAyQP_ZvGyRA~~3
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 39C98F21FA2C6AC507C19C6AFB806B9C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 39C98F21FA2C6AC507C19C6AFB806B9C
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.adnxs.com/ Name: uuid2
Value: 4481543812823061371
.flylevel.com/ Name: _clsk
Value: 1l6lmxt|1689085472601|1|1|r.clarity.ms/collect
.demdex.net/ Name: demdex
Value: 68976603523025661322406399754279814057
.casalemedia.com/ Name: CMID
Value: ZK1mIDE6lZ-XfWhcY9Y0MAAA
.casalemedia.com/ Name: CMPS
Value: 5125
.casalemedia.com/ Name: CMPRO
Value: 5125
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.flocktory.com/ Name: __flocktory-web_session2
Value: c8d97090-1a73-4d94-85195d83322a3230
.dpm.demdex.net/ Name: dpm
Value: 68976603523025661322406399754279814057
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22a772f990-1ff6-11ee-a6ea-27f9239f35b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22a772f990-1ff6-11ee-a6ea-27f9239f35b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22a772f990-1ff6-11ee-a6ea-27f9239f35b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22a772f990-1ff6-11ee-a6ea-27f9239f35b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-aGykPNsnx2F3PcCB62KWzCff86qveEMbtE7REw%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-hdOxPdsnx2F3PcCB62KWzCff86ojn_r7uqfk0A&KRTB&23144-uid:k-hdOxPdsnx2F3PcCB62KWzCff86ojn_r7uqfk0A&KRTB&23286-uid:k-hdOxPdsnx2F3PcCB62KWzCff86ojn_r7uqfk0A&KRTB&23287-uid:k-hdOxPdsnx2F3PcCB62KWzCff86ojn_r7uqfk0A
.pubmatic.com/ Name: PugT
Value: 1689085471
www.flylevel.com/ Name: flocktory-uuid
Value: d7ae371d-b346-4d46-b088-a33c1d148cad-8
.360yield.com/ Name: tuuid
Value: 626de42a-7de6-462d-8330-6e28b443bee8
.360yield.com/ Name: tuuid_lu
Value: 1689085472
.360yield.com/ Name: um
Value: !38,EmmqnhBzSz-8gJSTpinlizYFUDWEm8n6BONdOWSq4DVzUajwQ-khSINLOX526uzWHXM8xl.W,1696861472
.360yield.com/ Name: umeh
Value: !38,0,1751293472,-1
.krxd.net/ Name: _kuid_
Value: PqwFe6nc
.flylevel.com/ Name: ak_bmsc
Value: FE5F1F5ED60E2AB02C8E8FBDF9646C51~000000000000000000000000000000~YAAQnKEkF27nWkOJAQAAgfBWRRSQjsxsSqe5ItVtVv3UwnKp1guKQsPv2dGnyaEQUvc5fyj3R0/myqkTKls9KnNfXKvB83kpzmGm53g6WOLmtUszln4o4hGf5jD1fhxIyO7RemY1T+GB2WEQRn7XdCavQnZuLjwf2wKKAtVh2jbWRk17EmyramLqQmargELfhjeuQtUsQgly1qsV5fW5UOd1mXI/4m0K42jHErdAxI7fD3MdsGpHXScpmOKSNxQAhrPiHpa5a3Hc8bb3TMbsR1LXaXiTzBrCUUJzDGuQTbRRVBdI1asWjn7J1GD0mxlww6MK2YQCri4WIBhDuB6VXfpW2X9fWvdN/ec58cWHOBP/IhfJfyAJaVjGX7Q2U0VjL0b7XQcImLI3f36/6Q/8+DkIywL3aMoRUa+U3iU+QJ1XgmzJyYjhMtN+MTQ6X8wTE3YwdxWRW/HamspEC1Zm6iG6Jl7NlyXMhja4PyFXkuUjSo2KXYqfgeyO0Flshbi8poNt1GEZtxsHfgIpVoyB78edSIMNwAnzGCDyn2UDJPpa0IMHHIEnEJL0mL6VJV6SpukOfnc2pTjxw40xZR0OtGB7CrQc1I0EqFgkaoUedg==
.weborama.fr/ Name: AFFICHE_W
Value: 4AuNiy@-Jofg11
.creativecdn.com/ Name: u
Value: ipoS438KMRH0SlOWB3dX
.creativecdn.com/ Name: ts
Value: 1689085472
.tremorhub.com/ Name: tvid
Value: bc2a6b95d5aa495f8a4a05388843afbf
.tremorhub.com/ Name: tv_UICR
Value: k-jXjhNNsnx2F3PcCB62KWzCff86rgzhhjL6TP6w
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2E>0eu9Th!]tbx8i_it:z!9CUYaI%_JieFOoWm.OtvoI8iMd`VC?b@U$l/yOnv=PIR.igP=C$RVE:UP4P%6S<QJ9vJ-vN`T5i4x2FEB`3y0XJ'Mz4^hPHIm42@_?A=vg@cd#A^e+.<Q!$tn'r2V.i
.rutarget.ru/ Name: userId
Value: OtKR8EtQuH2r
.rutarget.ru/ Name: sync_71c015090a068e09460994346a52bdbb
Value: OtKR8EtQuH2r|1689085473075
.mail.ru/ Name: VID
Value: 2MjOl92RVNYI0025An1cGM2I:::0-0-0-9c7bee1:CAASEAd8s8s7gE7S-HJLZ_hjBIkaYKgBMaH4vwhG36lWZzd48wYEQwGFW_87w1ulfZU8vg_wQnhlZFZ9yXre8t2WBKE8NEybbNRqUkQrsvKGR7b0VD5KzhYGaymEEmiv8GqbB7w9zjdMJn9bI4yjY2H4Ejlb7w
level-app.quantummetric.com/ Name: s
Value: 9fc598efb648a25ecc1303ede9c026b3
level-app.quantummetric.com/ Name: U
Value: 98848bed141e835ece4de3904bf2a05f
.flylevel.com/ Name: QuantumMetricSessionID
Value: 9fc598efb648a25ecc1303ede9c026b3
.flylevel.com/ Name: QuantumMetricUserID
Value: 98848bed141e835ece4de3904bf2a05f

1 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (403) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12334432.fls.doubleclick.net
684dd32d.akstat.io
a.twiago.com
ad.360yield.com
ad.mail.ru
ad.yieldlab.net
adservice.google.com
ams.creativecdn.com
api.flocktory.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
c.go-mpulse.net
cdn.quantummetric.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
data.privacy.ensighten.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fledge-eu.creativecdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
level-app.quantummetric.com
match.sharethrough.com
matching.ivitrack.com
momentjs.com
mug.criteo.com
nexus.ensighten.com
p11.techlab-cdn.com
pixel.rubiconproject.com
r.casalemedia.com
r.clarity.ms
region1.analytics.google.com
rtb-csync.smartadserver.com
s.go-mpulse.net
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.flylevel.com
staticms.flylevel.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.rutarget.ru
tags.creativecdn.com
top-fwz1.mail.ru
ups.analytics.yahoo.com
visitor.omnitagjs.com
wf.frontend.weborama.fr
www.clarity.ms
www.facebook.com
www.flylevel.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
104.102.35.84
141.226.228.48
142.250.185.166
162.19.138.118
172.217.18.2
178.170.196.176
178.250.1.9
178.250.7.11
178.250.7.13
18.184.162.173
18.192.135.227
185.184.8.90
185.255.84.153
185.64.191.210
185.80.39.216
185.86.138.155
185.89.210.46
185.89.210.90
20.119.174.243
2001:4860:4802:34::36
23.218.209.78
2600:1f18:612b:4200:614d:4b11:6297:e906
2606:4700:10::6816:34fc
2606:4700::6810:9919
2620:1ec:48:1::45
2620:1ec:c11::200
2a00:1148:db00::17
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a02:2638:d::10
2a02:2638:d::d
2a02:26f0:1700:799::2c9e
2a02:26f0:3500:18::1724:a28d
2a02:26f0:3500:892::2c9e
2a02:26f0:480:38d::11a6
2a02:26f0:480:980::11a6
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
3.124.173.63
3.129.79.137
3.65.73.149
3.66.200.156
3.71.149.231
34.117.157.22
34.117.176.229
34.117.98.198
34.251.122.47
34.252.87.220
35.241.246.102
37.157.4.25
52.16.150.30
54.72.234.196
64.74.236.95
65.9.66.103
68.219.88.97
69.173.144.165
76.223.111.18
85.215.5.31
88.221.168.23
95.163.52.67
99.81.14.86
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
060076783862d7980392dfdf22ced5698d470ce32cb2c69ae0a412d72d090695
0676cd9f4f7b27bdf265af2513dc4191fd77f04a429425616b03d6a613c49e44
06808fe941f491e2096d14429a755f28f0d39aaf165a809250d88c13428364d2
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0eb049a6b9847fc4e6b7cf126da805c342bb8b542508731cc7b0471f72df416b
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21461a5fb486a3fa22c9f6f6934fc9b010834e93fd6791867e6bb55d5c468358
2301981eb5eef5f0551aa1026ea364a102c2bf07f39eaa68eb26541d4043cbd4
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26c0e0f9beb76b68fae59ea92412cad2390a2fc5f2014b6b39b962cf8e4f7ec9
287caea6675492bd9f370299444cbfdada45b489fe06a480e9a50f3fab5ccaae
2910171d488c2e26b7c5123e99c12213ad77d8467f6f5fb4195ab429347b928b
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
30224b8e9d5f865f4b034cf45ca86eee3a9152e8e6a434cfec0e029e38fdcb18
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
376cff28cc4f30931fe90c11fcb69b66b9f6fb3cb83d53229d3246bbc0aa0167
37749c2ac25a8e0182518c3acf54f0ef510ae4b84bcdd3308e7e34c2696839c4
3cea9e76cbdb486cfe4a0832d0661344740f90c34f82687f1730b11868864c34
3e610c49f4e160ec39da286cd0e69f825135c234f9bcb9822604c3a1e271b5e2
40f089fda38b110bb688eec7c1ce9b872b8e0b8ebf6e9ad26754d64b913a470d
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847
4544263983373c9dfdb45b93facb3deaff4d35090bf181b281dabaecac10a6c8
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
47bffb0ea7656af1d2474b82578ae6d6abb7c003bc624e680e90301076c346de
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be1975749006cd1a82c4d044a6675728644029be7b19cb41e2569e75e6eeca1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52a9eb5d6311081b5c5c9a9a1d828c09bc1fe7c9b091d240d2e18188d88de0f4
537968e1abe423a94327a5ddc74a1eec2bf817f3ad21d3b18fb5591e3902734e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5772043d9bc8253b58ed196293dbcfb159fae9993c891c24c4d1df8f706ed87c
5d27b428e23c27b91ad3f210f250e3b65de042ba4782d59ef6d1227e24b6f48b
635652b36663c87b2a4a3ce071ae5a83ae532927395991e5640fb5b955554de7
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
654652f006d13bf87ed5b986ed1ef761bbe272baad5de9cbbf5870c1239ad73a
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6864600ac6d7f0dc001ad8ecbcc75a532950d3d7b17b057c81ff1deb03151360
697e05ecd3408d99820ec8fd2f9258585ec299d2faf6623e8e9930d48e7bbddc
6e597a8ce1fa2fab9e374d369c0a34c8abd5c464d24207555040679c737334ae
749ce835e5b2ee4528011092e9c2c39dfdc4ae79b57cffa4ac8922c1fd7eb7ce
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
751c9331a1b87e1a99b4bedd5d793d67273c19dfb6868f34f040b1a645db7cda
7673f69676d0b18fc2145faf83c142aaba32d5c46c63ae4d13de524e33d1f31a
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
811cf1aca5721865ca1e0be248db7d14ef67f97be2339883e756cc9882eb98c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8378730ac2a5348f4fddd1476ace0245831d69e0bc3c123fafc4ec2647541f08
84024f02f08be9d2aa71d85e6da3f018b8cfdd01a88d88c7dcdde2caf5ff1cc8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2ac4c25eefac87409469a7912c96fde957616ecdafe8f1cbd84c20c5e785e0
8b1fa96582731ce022635f8f43b51a2680708fb39bd7d4c2b211ef3c1b8fb8b9
8eb66ae18f098a3a6d928683528856bdcf2397a00402e840dc9685a6dc891fe8
93932ee5918426f47913b2d44dc28c53a2fb9c326c502f9f1a938616dfa223a9
954e6e474e37d8f0524324f506ea9112eeaff167e306a19bdae67de7eab30feb
994e0285fdcee7312a3477d5383cc5427227ee3a6640588aab121910c37a8fa8
9960a753371c111732c36ee71751f328a3b25896469d9f66034b9c293a7da7c1
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a5473d507513b2849236a261733d530bb42225f01f09a228552d00cfacea4326
a5837320362656cb621d7bcf3a68ef6f5113e326a4a53a45e585aeaadc884f05
a99c0ce13080dc79f40974fae52bf1034f9d00b1ad0b754e38da8bf11a31f170
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9cf6fe7f3b64bfb21805802a767596497882bc2dc93143a99ae7b7570aca96d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beaa47440f04a979659efc2186ddf059650250ebcc02f052054e962fb425944f
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c9dfb9bacec1d8d06aed2171c9571c9c6a82d1150110397107622121df89480b
ca206399ce55bc34cb792a6f193f0ceac4a160cd89afa5496e1895f7e661b22e
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb2f4f8cf185955eee255109e9a56bbd868bf4db3942711f504a9d78363440e
d033aa4984f3d842cdd225313572c48df5462cf4325ccdce731265b15286b058
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d76830caf007f08914142600429535833bdf642c564f01df21e8cc1937820874
d9e36985f344f575a2ccd91d54232f0464c5ff2382af3a52dc89ab4b7ef5a27a
da63f4cdc3e92e467196270b58b9117895b78ea6f2b0c49ca38880a69b3358ea
db8df7be5ed2fb16f60c3f23393cea4f707d112e93cc2382408d5878e25f4e16
dde19c00156fa9aaf2943c7e85e6f09640a2d546ecacc60435bdb630e4d56837
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb876d18a52412bc544dbf1c1096b2edd4ad9d24e2de2c5cef4d2a574009a4d
e07f859423f9e114a1ee361341d0982dfb47d65b8d8a2a1bde931d5d3306f5b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c625a47ce62af88e478cf993374aea0b5486c1c580ffd6784e275a7a0581a8
ea9bdcdc0297a9099adc003f2b74d79c4be8a5f298cb4719fbcacf62ba794551
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15d0efbde8255667f5a72b6d15514a07af8ed26fc0123dbecd7a57b8571f5f6
f6351a37885974d424142ac5aa4d7411423d0463363c5e8f5e69fb1970a36e67
f8d6b4650145808f7b4c8de2cb6895f53dceb587214a636a320733873a0e536d