share.levi.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 34.204.165.186, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is share.levi.com.
TLS certificate: Issued by R3 on March 24th 2023. Valid for: 3 months.

This is the only time share.levi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	34.204.165.186 34.204.165.186	14618 (AMAZON-AES) (AMAZON-AES)
5	2a02:26f0:350... 2a02:26f0:3500:58d::10f5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2

2 34.204.165.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-165-186.compute-1.amazonaws.com

share.levi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:58d::10f5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

origin.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-4.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	xtlo.net origin.xtlo.net — Cisco Umbrella Rank: 31709 origin-4.xtlo.net — Cisco Umbrella Rank: 62243	97 KB
2	levi.com share.levi.com	20 KB
7	2

	Domain	Requested by
4	origin.xtlo.net	share.levi.com origin.xtlo.net
2	share.levi.com	share.levi.com
1	origin-4.xtlo.net	share.levi.com
7	3

This site contains links to these domains. Also see Links.

Domain
www.levi.com

Subject Issuer	Validity	Valid
share.levi.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
media.extole.com GeoTrust RSA CA 2018	`2022-07-25` - `2023-07-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://share.levi.com/zone/optout?journey.campaign_id=7207586515249097828&unsubscribe_type=advocate&unsubscribe_email=g8ddhhredciijb55icknr0gl8lpqpvkmwxhsrjnhqrq%3d
Frame ID: D2E7712F52A61BB21EF269E37584E202
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Levi's® Unsubscribe

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

116 kB
Transfer

161 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.levi.com/US/en_US/

Search URL Search Domain Scan URL

URL: https://www.levi.com/US/en_US/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request optout Show response
share.levi.com/zone/ 11 KB
4 KB 518ms
182ms Document
text/html 34.204.165.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://share.levi.com/zone/optout?journey.campaign_id=7207586515249097828&unsubscribe_type=advocate&unsubscribe_email=g8ddhhredciijb55icknr0gl8lpqpvkmwxhsrjnhqrq%3d

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

34.204.165.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-165-186.compute-1.amazonaws.com

Software

Extole /

Resource Hash

47fd2fcae2899e9f2bbadd1c3b51582cc197058421f6ee59d2ca4a3171a83f70

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.extole.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://*.extole.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers: X-Extole-Token
cache-control: no-cache
content-encoding: gzip
content-length: 2909
content-security-policy: frame-ancestors https://*.extole.com
content-type: text/html;charset=UTF-8
date: Sat, 29 Apr 2023 05:14:10 GMT
expires: Sat, 29 Apr 2023 05:14:09 GMT
p3p: CP="Please see our privacy policy"
server: Extole
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-extole-token: I5H90167DS6ROOVBTCNA66QJDC
x-frame-options: ALLOW-FROM https://*.extole.com

GET
H/1.1 200
OK fonts.css
origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/ 3 KB
699 B 54ms
7ms Stylesheet
text/css 2a02:26f0:3500:58d::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/fonts.css
Requested by: Host: share.levi.com
URL: https://share.levi.com/zone/optout?journey.campaign_id=7207586515249097828&unsubscribe_type=advocate&unsubscribe_email=g8ddhhredciijb55icknr0gl8lpqpvkmwxhsrjnhqrq%3d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58d::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: a59ddb5522e173378c060b24d28b15ff8926a631df3e603d205f8a8225a5145c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.levi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 05:14:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 05:06:32 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591999
Connection: keep-alive
Content-Length: 354

GET
H/1.1 200
OK Levi_s_1661529585068_1664215572983.jpeg
origin.xtlo.net/type=creativeArchive:clientId=353590424:creativeArchiveId=7150772922231778592:version=2:coreAssetsVersion=92/images/ 9 KB
9 KB 54ms
7ms Image
image/jpeg 2a02:26f0:3500:58d::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.xtlo.net/type=creativeArchive:clientId=353590424:creativeArchiveId=7150772922231778592:version=2:coreAssetsVersion=92/images/Levi_s_1661529585068_1664215572983.jpeg
Requested by: Host: share.levi.com
URL: https://share.levi.com/zone/optout?journey.campaign_id=7207586515249097828&unsubscribe_type=advocate&unsubscribe_email=g8ddhhredciijb55icknr0gl8lpqpvkmwxhsrjnhqrq%3d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58d::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: ea7add7d9ba8a0a08fd152858846f5bd6b9817650180c986b18ddff4e58aad7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.levi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 05:14:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 05:14:09 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591999
Connection: keep-alive
Content-Length: 9268

GET
H2 200 core.js Show response
share.levi.com/ 50 KB
16 KB 109ms
109ms Script
application/javascript 34.204.165.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://share.levi.com/core.js

Requested by

Host: share.levi.com
URL: https://share.levi.com/zone/optout?journey.campaign_id=7207586515249097828&unsubscribe_type=advocate&unsubscribe_email=g8ddhhredciijb55icknr0gl8lpqpvkmwxhsrjnhqrq%3d

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

34.204.165.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-165-186.compute-1.amazonaws.com

Software

Extole /

Resource Hash

e9ac46931311e42b0083a8d536ac4e96d585239253fda4e11950ddc9aaeafb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.levi.com/zone/optout?journey.campaign_id=7207586515249097828&unsubscribe_type=advocate&unsubscribe_email=g8ddhhredciijb55icknr0gl8lpqpvkmwxhsrjnhqrq%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 05:14:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Extole
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/javascript
p3p: CP="Please see our privacy policy"
access-control-expose-headers: X-Extole-Token
cache-control: no-transform, max-age=3600
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE

GET
H/1.1 200
OK interstatelevis-black.woff2
origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/ 48 KB
49 KB 31ms
11ms Font
application/octet-stream 2a02:26f0:3500:58d::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/interstatelevis-black.woff2
Requested by: Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58d::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: e410cddc369689e0df83d78860810186b78cff295ecc77bf3c12e0174b6dfbab

Request headers

Referer: https://origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/fonts.css
Origin: https://share.levi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 05:14:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 05:14:09 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591999
Connection: keep-alive
Content-Length: 49386

GET
H/1.1 200
OK interstatewgl-regular.woff2
origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/ 36 KB
36 KB 27ms
7ms Font
application/octet-stream 2a02:26f0:3500:58d::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/interstatewgl-regular.woff2
Requested by: Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58d::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 3dfe2533a710d18155f48a387b9b6aa515e0cd9bc9dee68408978d0ab2acb8e7

Request headers

Referer: https://origin.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/media/fonts.css
Origin: https://share.levi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 05:14:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 05:14:09 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591999
Connection: keep-alive
Content-Length: 36680

GET
H/1.1 200
OK api.js Show response
origin-4.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/common/ 4 KB
2 KB 42ms
9ms Script
application/javascript 2a02:26f0:3500:58d::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-4.xtlo.net/type=core:clientId=353590424:coreAssetsVersion=103/common/api.js?site=share.levi.com
Requested by: Host: share.levi.com
URL: https://share.levi.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58d::10f5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 004b209f1508a5ad859fa860ac325fb85ed8743ebddef8b32f568b73e2470143

Request headers

Referer: https://share.levi.com/
Origin: https://share.levi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 05:14:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 05:14:09 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591999
Connection: keep-alive
Content-Length: 1412

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| extole

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.share.levi.com/	1970-01-20 20:11:21	Name: access_token Value: I5H90167DS6ROOVBTCNA66QJDC
			.share.levi.com/	1970-01-20 20:11:21	Name: xtl_bid Value: 7227335817221908087

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://*.extole.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://*.extole.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

origin-4.xtlo.net
origin.xtlo.net
share.levi.com
2a02:26f0:3500:58d::10f5
34.204.165.186
004b209f1508a5ad859fa860ac325fb85ed8743ebddef8b32f568b73e2470143
3dfe2533a710d18155f48a387b9b6aa515e0cd9bc9dee68408978d0ab2acb8e7
47fd2fcae2899e9f2bbadd1c3b51582cc197058421f6ee59d2ca4a3171a83f70
a59ddb5522e173378c060b24d28b15ff8926a631df3e603d205f8a8225a5145c
e410cddc369689e0df83d78860810186b78cff295ecc77bf3c12e0174b6dfbab
e9ac46931311e42b0083a8d536ac4e96d585239253fda4e11950ddc9aaeafb23
ea7add7d9ba8a0a08fd152858846f5bd6b9817650180c986b18ddff4e58aad7a

share.levi.com Open in urlscan Pro 34.204.165.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

116 kBTransfer

161 kBSize

2 Cookies

2 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

share.levi.com Open in urlscan Pro
34.204.165.186 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

116 kB
Transfer

161 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions