jikkosoft.com Open in urlscan Pro
2606:4700:3037::6815:53e7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://owapass.azurewebsites.net/.dial.php/jasr7Pna7Xwigginsq0Hl9yWvB8xa7XB8xr7Pm
Effective URL:
https://jikkosoft.com/wp-info.php
Submission: On March 09 via manual (March 9th 2022, 2:11:51 pm UTC) from GB — Scanned from GB

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3037::6815:53e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is jikkosoft.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2022. Valid for: a year.

This is the only time jikkosoft.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.40.202.35 20.40.202.35	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2606:4700:303... 2606:4700:3037::6815:53e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.206.144.52 192.206.144.52	10400 (THETORONT...) (THETORONTOSTAR)
1	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1 33	80.158.4.25 80.158.4.25	6878 (AS6878) (AS6878)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:fb:... 2a02:26f0:fb::5f64:99a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a03:2880:f25... 2a03:2880:f257:ca:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f05... 2a03:2880:f057:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:281::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.174.78.146 35.174.78.146	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
61	14

1 20.40.202.35 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

owapass.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:53e7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jikkosoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.206.144.52 (Toronto, Canada)

ASN10400 (THETORONTOSTAR, CA)

webmail.torstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

logo.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 80.158.4.25 (Germany) 1 redirects

ASN6878 (AS6878, DE)
PTR: ecs-80-158-4-25.reverse.open-telekom-cloud.com

www.levc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
levc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb::5f64:99a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f257:ca:face:b00c:0:43fe (Munich, Germany)

ASN32934 (FACEBOOK, US)

scontent-muc2-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

images1-focus-opensocial.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f057:10:face:b00c:0:3 (Munich, Germany)

ASN32934 (FACEBOOK, US)

scontent-muc2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:281::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.levc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	levc.com 1 redirects www.levc.com levc.com m.levc.com	1 MB
8	cdninstagram.com scontent-muc2-1.cdninstagram.com — Cisco Umbrella Rank: 32698	2 MB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4596 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5392	29 KB
3	gstatic.com fonts.gstatic.com	66 KB
3	torstar.com webmail.torstar.com	38 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3718	4 KB
2	fbcdn.net scontent-muc2-1.xx.fbcdn.net — Cisco Umbrella Rank: 34071	76 KB
2	jikkosoft.com 1 redirects jikkosoft.com	3 KB
1	googleusercontent.com images1-focus-opensocial.googleusercontent.com — Cisco Umbrella Rank: 148224	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	55 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	clearbit.com logo.clearbit.com — Cisco Umbrella Rank: 24264	10 KB
1	azurewebsites.net 1 redirects owapass.azurewebsites.net	386 B
61	14

	Domain	Requested by
32	levc.com	jikkosoft.com levc.com
8	scontent-muc2-1.cdninstagram.com	levc.com
3	fonts.gstatic.com	fonts.googleapis.com
3	webmail.torstar.com	jikkosoft.com
2	www.google-analytics.com	www.googletagmanager.com
2	pi.pardot.com	levc.com pi.pardot.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	scontent-muc2-1.xx.fbcdn.net	levc.com
2	jikkosoft.com	1 redirects
1	m.levc.com	pi.pardot.com
1	images1-focus-opensocial.googleusercontent.com	levc.com
1	consent.cookiebot.com	www.googletagmanager.com
1	www.googletagmanager.com	levc.com
1	fonts.googleapis.com	levc.com
1	www.levc.com	1 redirects
1	logo.clearbit.com	jikkosoft.com
1	owapass.azurewebsites.net	1 redirects
61	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-27` - `2023-02-27`	a year	crt.sh
webmail.torstar.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-06-18` - `2022-07-19`	a year	crt.sh
clearbit.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
www.levc.at Trusted Secure Certificate Authority 5	`2021-03-17` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
m.levc.com R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://jikkosoft.com/wp-info.php
Frame ID: 3C99B7793F126C7012A7587A5890EDAF
Requests: 5 HTTP requests in this frame

Frame: https://levc.com/
Frame ID: DC091628A71C9A7910ACA5D43160D6AC
Requests: 55 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: 90186B7016BE41A46B91A3BCA0D994E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Levc Security and Quarantine Center

Page URL History Show full URLs

https://owapass.azurewebsites.net/.dial.php/jasr7Pna7Xwigginsq0Hl9yWvB8xa7XB8xr7Pm HTTP 302
https://jikkosoft.com/wp-internet.php?client-request-id=amFzb24ud2lnZ2luc0BsZXZjLmNvbQ== HTTP 302
https://jikkosoft.com/wp-info.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

17
Subdomains

14
IPs

3
Countries

3206 kB
Transfer

4287 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://owapass.azurewebsites.net/.dial.php/jasr7Pna7Xwigginsq0Hl9yWvB8xa7XB8xr7Pm HTTP 302
https://jikkosoft.com/wp-internet.php?client-request-id=amFzb24ud2lnZ2luc0BsZXZjLmNvbQ== HTTP 302
https://jikkosoft.com/wp-info.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.levc.com/ HTTP 301
https://levc.com/

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request wp-info.php Show response
jikkosoft.com/
Redirect Chain

https://owapass.azurewebsites.net/.dial.php/jasr7Pna7Xwigginsq0Hl9yWvB8xa7XB8xr7Pm
https://jikkosoft.com/wp-internet.php?client-request-id=amFzb24ud2lnZ2luc0BsZXZjLmNvbQ==
https://jikkosoft.com/wp-info.php

6 KB
2 KB

185ms
185ms

Document
text/html

2606:4700:3037::6815:53e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jikkosoft.com/wp-info.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:53e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a215c8d8221eec7386898f400cef94d15a4132e2b27ed002f5e8bdc3a267502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Wed, 09 Mar 2022 14:11:43 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate public
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpzEuf6zexNF2fW%2BBWxKkHUhrlgJnRxuQubn3k2P8UPtG4HpFt06S02pnXMZ8Afo%2BLo6E%2FmAw8Et8pChQdwDHh5xr6rCmAjDq70GDSEI0c9Plhh6ujgx%2FlcJOvmBopQtSv5eBgVMWYIl35WL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e9466c0e82de634-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 09 Mar 2022 14:11:42 GMT
content-type: text/html; charset=UTF-8
location: wp-info.php
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate public
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyBMx7cQ6B79T8Wi5nYA%2Bl0So3bNInQACFSVD8d%2FKTN4hywOrXWV7UzHuAH%2F7etQIbAuqHkVQbKZxmmOjE8SPIV25h1mVtn5b7RNt4%2BVRpdo2Kg1EprITiH4U1JDBfTV0Vn1QeoMiqsur09Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e9466beee1ee634-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK CookieAuth.dll
webmail.torstar.com/ 78 KB
17 KB 739ms
137ms Stylesheet
text/css 192.206.144.52
THETORONTOSTAR

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.torstar.com/CookieAuth.dll?GetPic?formdir=2&image=styles_responsive.css
Requested by: Host: jikkosoft.com
URL: https://jikkosoft.com/wp-info.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 192.206.144.52 Toronto, Canada, ASN10400 (THETORONTOSTAR, CA),
Reverse DNS
Software: /
Resource Hash: e2edd1c0ce07b5199dca81995c0fb2a7d514c1ec8963c1f29c80b59c9de0e94e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://jikkosoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-control: max-age=604800
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Type: text/css

GET
H/1.1 200
OK CookieAuth.dll Show response
webmail.torstar.com/ 18 KB
18 KB 745ms
138ms Script
application/x-javascript 192.206.144.52
THETORONTOSTAR

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.torstar.com/CookieAuth.dll?GetPic?formdir=2&image=flogon.js
Requested by: Host: jikkosoft.com
URL: https://jikkosoft.com/wp-info.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 192.206.144.52 Toronto, Canada, ASN10400 (THETORONTOSTAR, CA),
Reverse DNS
Software: /
Resource Hash: bf9a7d642c3575e7e97964c6879f2b0df69bbe506c78524b500ab8ae1fa288da

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://jikkosoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-control: max-age=604800
Connection: close
Content-Length: 18740
Content-Type: application/x-javascript

GET
H/1.1 200
OK CookieAuth.dll
webmail.torstar.com/ 2 KB
3 KB 436ms
162ms Image
image/png 192.206.144.52
THETORONTOSTAR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.torstar.com/CookieAuth.dll?GetPic?formdir=2&image=olk_logo_white.png
Requested by: Host: jikkosoft.com
URL: https://jikkosoft.com/wp-info.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 192.206.144.52 Toronto, Canada, ASN10400 (THETORONTOSTAR, CA),
Reverse DNS
Software: /
Resource Hash: d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://jikkosoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection: close
Cache-control: max-age=604800
Content-Length: 2503

GET
H2 200 levc.com
logo.clearbit.com/ 9 KB
10 KB 200ms
68ms Image
image/png 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logo.clearbit.com/levc.com

Requested by

Host: jikkosoft.com
URL: https://jikkosoft.com/wp-info.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-17.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

bb63e683aade2271ff4f76ea0189e3008cd044a7d3eb1c31965e9b24153c252d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://jikkosoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 09:19:06 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: envoy
age: 103958
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: xpuGW0GWPwtqrukSWiI553uS4-6Kj8OOSlpIvDN7KmkSxtBCazdLyg==

GET
H/1.1

200
OK

/ Show response
levc.com/ Frame DC09
Redirect Chain

https://www.levc.com/
https://levc.com/

136 KB
18 KB

1013ms
863ms

Document
text/html

80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/

Requested by

Host: jikkosoft.com
URL: https://jikkosoft.com/wp-info.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

dd7aed030f818e510790ea5dcd27662ab34fecc9da6e8f0c432331d64541265b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://jikkosoft.com/

Response headers

Date: Wed, 09 Mar 2022 14:11:44 GMT
Server: Apache
Link: <https://levc.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Cache-Control: max-age=0, no-store, no-cache, must-revalidate
Content-Length: 17549
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 09 Mar 2022 14:11:44 GMT
Server: Apache
Location: https://levc.com/
Content-Length: 225
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css2
fonts.googleapis.com/ Frame DC09 5 KB
1 KB 192ms
65ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@1,500;1,600&family=Barlow:wght@400;500;600&display=swap

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee17c6ddc17d6a694add5b3ff58b6aef8981f5269a726588e6086a427a9a0b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 14:11:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 14:11:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 14:11:45 GMT

GET
H/1.1 200
OK style.min.css
levc.com/wp-content/themes/main/app/frontend/dist/assets/css/ Frame DC09 87 KB
15 KB 75ms
64ms Stylesheet
text/css 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/css/style.min.css?v1629554178000

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

94e4a4636e34309db84da378649112226c9272c44edd5988bdd0f39c9973c074

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Dec 2021 17:20:14 GMT
Server: Apache
ETag: "15a2e-5d346a2b21d54-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14504

GET
H/1.1 200
OK style.min.css
levc.com/wp-includes/css/dist/block-library/ Frame DC09 79 KB
11 KB 140ms
63ms Stylesheet
text/css 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-includes/css/dist/block-library/style.min.css?ver=6dfef6b0e1debe3f8f4e6d445030871a

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:37:26 GMT
Server: Apache
ETag: "13abe-5cf56886a84a5-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 10523

GET
H/1.1 200
OK style.min.css
levc.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ Frame DC09 908 B
711 B 189ms
62ms Stylesheet
text/css 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Dec 2021 10:44:24 GMT
Server: Apache
ETag: "38c-5d2a02c5dcccd-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 318

GET
H/1.1 200
OK jquery.min.js Show response
levc.com/wp-content/themes/main/app/frontend/dist/assets/js/ Frame DC09 87 KB
31 KB 192ms
65ms Script
application/javascript 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/js/jquery.min.js?ver=6dfef6b0e1debe3f8f4e6d445030871a

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:07:36 GMT
Server: Apache
ETag: "15d84-5d2bc285be0d9-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2678400, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30910

GET
H/1.1 200
OK xdomain-data.js Show response
levc.com/wp-content/plugins/sitepress-multilingual-cms/res/js/ Frame DC09 2 KB
1 KB 189ms
63ms Script
application/javascript 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/plugins/sitepress-multilingual-cms/res/js/xdomain-data.js?ver=4.5.2

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

58c87bd2b89dc90a862e4c6293f20390f52fdb1e685788d7ffe7de1636ad5020

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Dec 2021 10:42:19 GMT
Server: Apache
ETag: "8e6-5d2a024e4b537-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2678400, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 822

GET
H/1.1 200
OK stream-id1.css
levc.com/wp-content/resources/flow-flow/css/ Frame DC09 5 KB
1 KB 176ms
61ms Stylesheet
text/css 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/resources/flow-flow/css/stream-id1.css?ver=1636034961

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

c263cca7dc92faa70db8ad08cab1041d2a8f5b99d0f29803393cfa10f53e288b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 14:09:21 GMT
Server: Apache
ETag: "1280-5cff712b31df9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1032

GET
H/1.1 200
OK underscore.min.js Show response
levc.com/wp-includes/js/ Frame DC09 19 KB
8 KB 178ms
63ms Script
application/javascript 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:36:06 GMT
Server: Apache
ETag: "4a84-5cf5683a0af45-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2678400, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7319

GET
H/1.1 200
OK jquery.min.js Show response
levc.com/wp-content/themes/main/app/frontend/dist/assets/js/ Frame DC09 87 KB
31 KB 195ms
65ms Script
application/javascript 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/js/jquery.min.js?ver=v1629554178000

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:07:36 GMT
Server: Apache
ETag: "15d84-5d2bc285be0d9-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2678400, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30910

GET
H/1.1 200
OK vendor.min.js Show response
levc.com/wp-content/themes/main/app/frontend/dist/assets/js/ Frame DC09 354 KB
106 KB 254ms
71ms Script
application/javascript 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/js/vendor.min.js?ver=v1629554178000

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

ec6693b047cc1608435ab531177863bf291369b6c4bbb382aaadcd9ac3b4d5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:07:36 GMT
Server: Apache
ETag: "58771-5d2bc285fd879-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2678400, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK main.js Show response
levc.com/wp-content/themes/main/app/frontend/dist/assets/js/ Frame DC09 18 KB
6 KB 246ms
62ms Script
application/javascript 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/js/main.js?ver=v1629554178000

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

b23254caa13f2ab0b5efce1a91a5938dc79fd4bead158acb5133382d6a1dd317

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:07:36 GMT
Server: Apache
ETag: "4755-5d2bc285c4e39-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2678400, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5353

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame DC09 152 KB
55 KB 198ms
76ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV5SFGZ

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b4011b86e70d2c5446ceff03fb0ca8c69aa7c0ad57d5030aa1d56f6e5d50b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 14:11:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56049
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Mar 2022 14:11:45 GMT

GET
H2 200 HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrB3Xmu4kG.woff2
fonts.gstatic.com/s/barlowcondensed/v11/ Frame DC09 22 KB
23 KB 263ms
132ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v11/HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrB3Xmu4kG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@1,500;1,600&family=Barlow:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e020fe384e6b7ca4629d67540ea087125f55bd43864f3caf2263e889a33d9203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levc.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 00:57:06 GMT
x-content-type-options: nosniff
age: 566079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22972
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:04:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Mar 2023 00:57:06 GMT

GET
H2 200 HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrK3Lmu4kG.woff2
fonts.gstatic.com/s/barlowcondensed/v11/ Frame DC09 22 KB
23 KB 225ms
103ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v11/HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrK3Lmu4kG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@1,500;1,600&family=Barlow:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3086a32053f79b6871eec001790b9bf29ef8440a87e339cc33dbd71409ea5cc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levc.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 00:18:23 GMT
x-content-type-options: nosniff
age: 568402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23020
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:04:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Mar 2023 00:18:23 GMT

GET
H/1.1 200
OK logo.svg
levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/ Frame DC09 8 KB
4 KB 62ms
61ms Image
image/svg+xml 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/logo.svg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

97ae4c70e082c4be03d41789e8ac9496b0911c8c456844576cade5c6070d9627

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:08:10 GMT
Server: Apache
ETag: "1e6f-5d2bc2a619477-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3547

GET
H/1.1 200
OK uk.jpg
levc.com/wp-content/uploads/flags/ Frame DC09 9 KB
9 KB 62ms
61ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/flags/uk.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

84a08d3164157b2331bb874dce14fd50a93c591e6e0aeb766a72d96b2e0f03cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 16:58:34 GMT
Server: Apache
ETag: "22ab-5cf5881264f75"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8875

GET
H/1.1 200
OK Germany.jpg
levc.com/wp-content/uploads/flags/ Frame DC09 4 KB
4 KB 62ms
62ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/flags/Germany.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

aaf5c9d54cb740e15bf0bb31b89f687da4ebbd6e9ec99c776a690286369e9c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 08:36:01 GMT
Server: Apache
ETag: "f28-5d2b27f182851"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3880

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v11/ Frame DC09 21 KB
21 KB 159ms
56ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v11/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@1,500;1,600&family=Barlow:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levc.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:52:05 GMT
x-content-type-options: nosniff
age: 584380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:06:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:52:05 GMT

GET
H/1.1 200
OK Greece.jpg
levc.com/wp-content/uploads/flags/ Frame DC09 19 KB
19 KB 63ms
62ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/flags/Greece.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

912336b3c4d93cec86b3570a6aa99ada061a5120b6b494d34e8a7ce8dc2b0fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 08:36:47 GMT
Server: Apache
ETag: "4b9b-5d2b281d360e0"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19355

GET
H/1.1 200
OK Austria.jpg
levc.com/wp-content/uploads/flags/ Frame DC09 18 KB
18 KB 63ms
63ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/flags/Austria.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

5f6f4742147cf363c38bf5baa7dcbc057c3abb4a34b195837e1aaf611c166313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:04:56 GMT
Server: Apache
ETag: "476d-5d2bc1ed05425"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18285

GET
H/1.1 200
OK Belgium.jpg
levc.com/wp-content/uploads/flags/ Frame DC09 17 KB
18 KB 62ms
62ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/flags/Belgium.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

cb39e2e9178e102fdfa9e8c3ab3abf57ee6bee6f35389536f7e6bfd1b454a76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 19:41:10 GMT
Server: Apache
ETag: "4566-5d2bbc9daa097"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 17766

GET
H/1.1 200
OK belgium.jpg
levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/ Frame DC09 17 KB
18 KB 62ms
61ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/belgium.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

cb39e2e9178e102fdfa9e8c3ab3abf57ee6bee6f35389536f7e6bfd1b454a76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:08:48 GMT
Server: Apache
ETag: "4566-5d2bc2ca88742"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17766

GET
H/1.1 200
OK malta.jpg
levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/ Frame DC09 17 KB
18 KB 62ms
62ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/malta.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

4493416e79510d70f7126227417d64a9eecb8f12b925bb2ebbc7bb62643a9ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:08:48 GMT
Server: Apache
ETag: "44be-5d2bc2cad4a03"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 17598

GET
H/1.1 200
OK egypt.jpg
levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/ Frame DC09 3 KB
3 KB 61ms
61ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/egypt.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

c6777c8b1656f42b103fca3d868b8dab3db7ce04597ba3877a6e8df9d16b264d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:08:48 GMT
Server: Apache
ETag: "ab3-5d2bc2cab84e3"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2739

GET
H/1.1 200
OK israel.jpg
levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/ Frame DC09 18 KB
18 KB 62ms
61ms Image
image/jpeg 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/themes/main/app/frontend/dist/assets/img/ui/flags/israel.jpg

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

0cf9dc1fde0cc87d471eeb293700e7488967fa876929ea8e15005976c53ad437

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 20:08:48 GMT
Server: Apache
ETag: "480e-5d2bc2caba423"
Content-Type: image/jpeg
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18446

GET
H/1.1 200
OK VN5-Location-Shoot_2400x1601px-1920x1281.jpg.webp
levc.com/wp-content/uploads/ Frame DC09 187 KB
188 KB 72ms
62ms Image
image/webp 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/VN5-Location-Shoot_2400x1601px-1920x1281.jpg.webp

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

28ad0601899ef52974c293e92bfd824476f3552912e234c00960942d11779fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Dec 2021 17:11:18 GMT
Server: Apache
ETag: "2ece0-5d218c327342a"
Content-Type: image/webp
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 191712

GET
H/1.1 200
OK public.js Show response
levc.com/wp-content/plugins/flow-flow/js/ Frame DC09 159 KB
46 KB 67ms
67ms Script
application/javascript 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/plugins/flow-flow/js/public.js?ver=4.8.6

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

12ecd5d2c7c044730560598d5b441e2aef8737e94a89c982e250ea59ca0e4460

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:42:46 GMT
Server: Apache
ETag: "27b22-5cf569b82a7bb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2678400, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 46851

GET
H/1.1 200
OK public.css
levc.com/wp-content/plugins/flow-flow/css/ Frame DC09 83 KB
15 KB 72ms
65ms Stylesheet
text/css 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

90f1f0cdf85c481c641807bac089335e35f5696de6e57647bc696f04bdc66c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:42:46 GMT
Server: Apache
ETag: "14c4a-5cf569b77ca79-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 15418

GET
H/1.1 200
OK admin-ajax.php Show response
levc.com/wp-admin/ Frame DC09 22 KB
22 KB 239ms
218ms XHR
application/json 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-admin/admin-ajax.php?shop=levc.com&action=fetch_posts&stream-id=1&disable-cache=&hash=1646824558.763a38ddf50166092a4169f137e1d0a350505d0c9d9d2b538386b5f63cd1910b85612a4bc329445d1e9d86a0f64bdfb9&page=0&preview=0&token=&boosted=0

Requested by

Host: levc.com
URL: https://levc.com/wp-content/themes/main/app/frontend/dist/assets/js/jquery.min.js?ver=v1629554178000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

2c7deb12dd82c851c24560be2ab2fc70fe5c35cd7efff03eaa1c9851a1a9751c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://levc.com/
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: no-cache, must-revalidate, max-age=0, max-age=0, no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=97
X-Content-Type-Options: nosniff, nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ Frame DC09 90 KB
28 KB 295ms
59ms Script
application/javascript 2a02:26f0:fb::5f64:99a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=b2a27827-869a-4bbd-a3ee-918ea24bf0bb
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5SFGZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f64:99a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6da249cfb9cea57b5c1c44f5bdd47a70f717611e9242b3d1620ca9a69f99991b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 14:11:46 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 13:16:17 GMT
etag: "5c601dcb733d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=785
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 27854
expires: Wed, 09 Mar 2022 14:24:51 GMT

GET
H2 200 275402678_162145976160789_8697952123321650497_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.29350-15/ Frame DC09 296 KB
296 KB 203ms
67ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.29350-15/275402678_162145976160789_8697952123321650497_n.jpg?_nc_cat=104&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=yNVuUR8LNBQAX_f9NxW&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT8DE692F93IAAWS0wBkdtjxQ-Cew5gRM-9efVSNhTCoFg&oe=622D4F1F
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fc8b92fb7ac5d8c8a66154a29abe93aad6fd7ceaa21fa5b0a71213f8e8c167df

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 1122300778
date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
last-modified: Tue, 08 Mar 2022 18:16:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=383942548
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 383942548
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 302734

GET
H2 200 275322805_332173648937599_878667267390747551_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.29350-15/ Frame DC09 410 KB
410 KB 203ms
67ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.29350-15/275322805_332173648937599_878667267390747551_n.jpg?_nc_cat=100&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=oHoN6Ph99OgAX_vUeYV&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT8rDZ4D75s0qSd_4hGy6XUt3qU7qV_CYLIDQh1ieYg8mQ&oe=622D6445
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 58569b6945a01123032741b2cf0652da670655f3830d215acbc130380b220355

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2180670869
date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
last-modified: Tue, 08 Mar 2022 18:15:50 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1607648017
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1607648017
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 419559

GET
H2 200 275436087_1833398306870619_4472896377417014121_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.29350-15/ Frame DC09 372 KB
373 KB 201ms
65ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.29350-15/275436087_1833398306870619_4472896377417014121_n.jpg?_nc_cat=104&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=aTUivtWj3N4AX-RAkwO&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT8cRMw-GTv0EIrEsGaji0k6KP5-0uMN6Mc7iCH0qy-Pog&oe=622D3A6C
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1e456732101a211bab26bbc00ef1b1b1c46e206be34e57d4239a21d15a0f0b82

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 1203508007
date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
last-modified: Tue, 08 Mar 2022 18:15:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1709534307
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1709534307
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 381265

GET
H2 200 275426871_1291312214713569_1417982343444478402_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.2885-15/ Frame DC09 173 KB
173 KB 201ms
66ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.2885-15/275426871_1291312214713569_1417982343444478402_n.jpg?_nc_cat=101&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=aWNHFqDrQegAX_e_tzB&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT_DjA_NI_FXIk1yyDgzhKX6aRwOkmlYFU7A1kLWtLfaZg&oe=622C9846
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d3f899c8bb1966f1c827d6ca1349beb6688c8aa8922ddae332f750b806822c17

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 52207903
date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
last-modified: Tue, 08 Mar 2022 13:40:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2436332369
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2436332369
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 177379

GET
H2 200 275325491_1179303769568938_1507716618865038369_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.2885-15/ Frame DC09 151 KB
151 KB 203ms
68ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.2885-15/275325491_1179303769568938_1507716618865038369_n.jpg?_nc_cat=105&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=0dx0wAeZML4AX9F7lmI&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT-jbjYubAjf9Cza73ZWiIsGzI24bIIf7THdD3wW4ACuxA&oe=622C8BB0
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 17cc74c2735a6831df5b74484d2af95a46c1ce06d69992f8cd9d355cb0bb6fc9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2659137463
date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
last-modified: Tue, 08 Mar 2022 13:35:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3371007335
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3371007335
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 154592

GET
H2 200 proxy
images1-focus-opensocial.googleusercontent.com/gadgets/ Frame DC09 31 KB
31 KB 205ms
60ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images1-focus-opensocial.googleusercontent.com/gadgets/proxy?container=focus&resize_w=230&refresh=86400&url=https%3A%2F%2Fscontent.cdninstagram.com%2Fv%2Ft51.2885-15%2F275327461_523436559200870_6189878367476646075_n.jpg%3Fstp%3Ddst-jpg_e35_p480x480%26_nc_ht%3Dscontent.cdninstagram.com%26_nc_cat%3D102%26_nc_ohc%3DR9H8GqarDXkAX_FhQrO%26edm%3DAMO9-JQAAAAA%26ccb%3D7-4%26oh%3D00_AT9-iO1ud9x-wIrYmeMf9vPBsSswgGHUhpP8w0sUVXyoYQ%26oe%3D62291197%26_nc_sid%3Db9f2ee

Requested by

Host: levc.com
URL: https://levc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d06f73fa9720e93096ac4efc07485d0f09aaf3535950241af139eea0b7dd11fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
age: 9184
content-digest: adler32=989415937
cross-origin-resource-policy: cross-origin
content-disposition: attachment;filename=p.txt
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31364
x-xss-protection: 1; mode=block
server: GSE
date: Wed, 09 Mar 2022 11:38:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=86400
timing-allow-origin: *
expires: Thu, 10 Mar 2022 11:38:42 GMT

GET
H2 200 275061137_688924908954959_438295655896133530_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.29350-15/ Frame DC09 100 KB
101 KB 204ms
69ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.29350-15/275061137_688924908954959_438295655896133530_n.jpg?_nc_cat=103&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=-c8OEaVdCIYAX-OrI47&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT8hD3JS8MK_6T56tiTubxYrSLWVIJWBNuyT4-3HYVDqMw&oe=622D03AE
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a9f34d713e98770e7571fcb746a80448d221d850b50c414a7f5834f37c627be5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 1220891637
date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
last-modified: Fri, 04 Mar 2022 12:49:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=93080979
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 93080979
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 102781

GET
H3 200 275045699_634641667817363_4822107684123146660_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.2885-15/ Frame DC09 142 KB
142 KB 129ms
64ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.2885-15/275045699_634641667817363_4822107684123146660_n.jpg?_nc_cat=106&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=-a-RnKPKxM4AX8R67GB&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT_IAObD0qHxMvxh8B2SJmx2ZhJ-TqEiEEwdTJiKvQ0g1A&oe=622E3573
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 837a1089d1c35f12b1a83a6aefc90a130b7d469a1681173ef6e42bb8bf445fa5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3265964426
date: Wed, 09 Mar 2022 14:11:46 GMT
last-modified: Fri, 04 Mar 2022 12:10:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3730723876
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3730723876
content-length: 145750
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=3,i

GET
H3 200 275160727_365067498958988_1411282192957667601_n.jpg
scontent-muc2-1.cdninstagram.com/v/t51.2885-15/ Frame DC09 128 KB
128 KB 129ms
64ms Image
image/jpeg 2a03:2880:f257:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.cdninstagram.com/v/t51.2885-15/275160727_365067498958988_1411282192957667601_n.jpg?_nc_cat=100&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=4ZO1amZ2fhMAX--2npa&_nc_ht=scontent-muc2-1.cdninstagram.com&edm=AL-3X8kEAAAA&oh=00_AT-zwtoElclpvTwKvDKyef1-0uOUHQ-93OWDdR26jX-TBw&oe=622DA9BA
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f257:ca:face:b00c:0:43fe Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7e25796886304a03374ede4d181edfb7182420a6ef96cde52dd7194a917fe2e9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 352724198
date: Wed, 09 Mar 2022 14:11:46 GMT
last-modified: Fri, 04 Mar 2022 12:01:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3294169974
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3294169974
content-length: 131373
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=3,i

GET
H/1.1 200
OK oval.svg
levc.com/wp-content/plugins/flow-flow/assets/ Frame DC09 694 B
736 B 62ms
62ms Image
image/svg+xml 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/plugins/flow-flow/assets/oval.svg

Requested by

Host: levc.com
URL: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:42:51 GMT
Server: Apache
ETag: "2b6-5cf569bc8d889-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 379

GET
H/1.1 200
OK carousel.png
levc.com/wp-content/plugins/flow-flow/assets/ Frame DC09 1 KB
2 KB 61ms
61ms Image
image/png 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/plugins/flow-flow/assets/carousel.png

Requested by

Host: levc.com
URL: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

c28cadafd44273bdd92841d8980f1939158c615cda611f9bdfe66a1773c1b932

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:42:56 GMT
Server: Apache
ETag: "4bc-5cf569c1a53f8"
Content-Type: image/png
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1212

GET
H/1.1 200
OK video.png
levc.com/wp-content/plugins/flow-flow/assets/ Frame DC09 2 KB
2 KB 62ms
61ms Image
image/png 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/plugins/flow-flow/assets/video.png

Requested by

Host: levc.com
URL: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

4848215f9d3165c51b9d329ae152b2aadeb88492b334996dfc30aec5013803c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:42:56 GMT
Server: Apache
ETag: "811-5cf569c164cb7"
Content-Type: image/png
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2065

GET
H2 200 235868273_590350269004345_3470853387497580800_n.jpg
scontent-muc2-1.xx.fbcdn.net/v/t51.2885-15/ Frame DC09 76 KB
76 KB 209ms
65ms Image
image/jpeg 2a03:2880:f057:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.xx.fbcdn.net/v/t51.2885-15/235868273_590350269004345_3470853387497580800_n.jpg?_nc_cat=110&ccb=1-5&_nc_sid=86c713&_nc_ohc=m6fREali6goAX__Drhg&_nc_ht=scontent-muc2-1.xx&edm=AL-3X8kEAAAA&oh=00_AT9Vvr7Zd76kW6Bulqee06hzPc4ubEJLabm5ewNRyNNL-A&oe=622E7A29
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f057:10:face:b00c:0:3 Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9a9adb349b2cbcd9821566e674eabed471c9f3425192e8fa95e29e0c699f215c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2174471515
date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
last-modified: Wed, 11 Aug 2021 14:39:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=742361244
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 742361244
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 77483

GET
H2 403 235868273_590350269004345_3470853387497580800_n.jpg
scontent-muc2-1.xx.fbcdn.net/v/t51.2885-15/ Frame DC09 21 B
21 B 147ms
64ms Image
text/plain 2a03:2880:f057:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-muc2-1.xx.fbcdn.net/v/t51.2885-15/235868273_590350269004345_3470853387497580800_n.jpg?_nc_cat=110&ccb=1-5&_nc_sid=86c713&_nc_ohc=X8-mBS2EwEQAX-svtSS&_nc_ht=scontent-muc2-1.xx&edm=AL-3X8kEAAAA&oh=00_AT8cB1zvNJDMT3zDMkqLwtMFFniWutDkXzLT9AW7508Exg&oe=62288B69
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f057:10:face:b00c:0:3 Munich, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 14:11:46 GMT
x-fb-trip-id: 1679558926
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 21
proxy-status: http_request_error; e_fb_vipaddr="AcJ1YOySWbxU8Hy1eUxKIKFTbA4hECaVl_mEc34UJ7RQOjNWq2IU3XJm2ohkorH1PpTf1Zpkkmeyejf8reJaqJ1PA396ls5b3g"; e_clientaddr="AcL-l_hfh2H2XnOZaOiopneUedA7mMp_DBKlThcqWXPx5wKbnFu9CeitOkyo8ZtyVZNcsjWhHNlxW5IoN4WDCg"; e_fb_builduser="AcJxW1AhZX98oHPY40EK7_AkBxnhfw20e5jHjx--j3rTYJ8-exssg5kCZcK2645_sHA"; e_proxy="AcJT4Ia4UqENFtfNLIswO5J-rdbx906dh78BHkc0cX6gqIGCwm8PvyZBFmo0fKXgTBldjQcF0ZVItV4"; e_fb_binaryversion="AcJUdGOBm8lYoN6reb09nUX3nJpokhA9ahCoOyKzEa8kBN9IsHy9L2AX-1ayL2NcmMWoJCoUHG0nsUKMLT5O31c934bJoa_E764"

GET
H/1.1 200
OK flaticon.woff
levc.com/wp-content/plugins/flow-flow/assets/fonts/ Frame DC09 66 KB
66 KB 61ms
61ms Font
font/woff 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to

Full URL

https://levc.com/wp-content/plugins/flow-flow/assets/fonts/flaticon.woff

Requested by

Host: levc.com
URL: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

ca7cb21ef66763818458394f8ebfa7b981b6f637f6e77ce724eb84b79686c4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6
Origin: https://levc.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:46:35 GMT
Server: Apache
ETag: "10898-5cf56a9203334"
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 67736

GET
H2 200 bc-v3.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 9018 2 KB
1 KB 219ms
57ms Document
text/html 2a02:26f0:6c00:281::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=b2a27827-869a-4bbd-a3ee-918ea24bf0bb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:281::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=21316133
expires: Fri, 11 Nov 2022 07:20:39 GMT
date: Wed, 09 Mar 2022 14:11:46 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H/1.1 200
OK play.png
levc.com/wp-content/plugins/flow-flow/assets/ Frame DC09 3 KB
3 KB 62ms
62ms Image
image/png 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/plugins/flow-flow/assets/play.png

Requested by

Host: levc.com
URL: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

b9033bca2516ec2317e5c11c85a8a088e5858d8819af6402a1b88cf024b8978a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/wp-content/plugins/flow-flow/css/public.css?ver=4.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 14:42:57 GMT
Server: Apache
ETag: "bcf-5cf569c204f39"
Content-Type: image/png
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3023

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ Frame DC09 5 KB
2 KB 579ms
134ms Script
application/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: levc.com
URL: https://levc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 14:11:47 GMT
content-encoding: gzip
X-Pardot-Route: 8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
last-modified: Tue, 08 Mar 2022 05:17:03 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 1950
expires: Fri, 08 Mar 2024 14:11:47 GMT

GET
H/1.1 200
OK TX-Taxi-Black_3_RT_RGB_72dpi.jpg.webp
levc.com/wp-content/uploads/ Frame DC09 325 KB
326 KB 62ms
62ms Image
image/webp 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/TX-Taxi-Black_3_RT_RGB_72dpi.jpg.webp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

4f3e3ccaa9b9906853ced0aeea38ec660125d3be45c4606f7b2a8c43c902f1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Nov 2021 15:45:22 GMT
Server: Apache
ETag: "515d2-5d20371fbd752"
Content-Type: image/webp
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 333266

GET
H/1.1 200
OK TX-Shuttle-7-1-1920x1279.jpg.webp
levc.com/wp-content/uploads/ Frame DC09 71 KB
71 KB 62ms
62ms Image
image/webp 80.158.4.25
AS6878

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levc.com/wp-content/uploads/TX-Shuttle-7-1-1920x1279.jpg.webp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.158.4.25 , Germany, ASN6878 (AS6878, DE),

Reverse DNS

ecs-80-158-4-25.reverse.open-telekom-cloud.com

Software

Apache /

Resource Hash

5146bdd2eb066cbb7ef33da5bbd2c709a5680f9458fa5eca503512d99d1e0453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 14:11:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Dec 2021 17:38:44 GMT
Server: Apache
ETag: "11b8c-5d2192544c59b"
Content-Type: image/webp
Cache-Control: max-age=2678400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 72588

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame DC09 49 KB
20 KB 174ms
54ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV5SFGZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2214
date: Wed, 09 Mar 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 09 Mar 2022 15:34:53 GMT

GET
H2 200 state.js Show response
consentcdn.cookiebot.com/consentconfig/b2a27827-869a-4bbd-a3ee-918ea24bf0bb/ Frame DC09 30 B
327 B 71ms
71ms Script
application/x-javascript 2a02:26f0:6c00:281::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/b2a27827-869a-4bbd-a3ee-918ea24bf0bb/state.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=b2a27827-869a-4bbd-a3ee-918ea24bf0bb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:281::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b97bab9bf4fca8d386ef5fc83cd58b492f2132e2d28053ade2f212a8b151b0c4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 14:11:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 14:09:21 GMT
server: AkamaiNetStorage
etag: "8fabfd3bb9b067b11ad664181b30fa66:1612966161.053145"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53225
server-timing: cdn-cache; desc=HIT, edge; dur=15
accept-ranges: bytes
content-length: 50
expires: Thu, 10 Mar 2022 04:58:52 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame DC09 35 B
55 B 115ms
53ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1584033988&t=pageview&_s=1&dl=https%3A%2F%2Flevc.com%2F&dr=https%3A%2F%2Fjikkosoft.com%2F&ul=en-us&de=UTF-8&dt=LEVC%20%7C%20London%20Electric%20Vehicle%20Company&sd=24-bit&sr=1600x1200&vp=1600x60&je=0&_u=YEAAAAAB~&cid=1298021365.1646835110&tid=UA-203316973-10&_gid=1908319804.1646835110&gtm=2wg370TV5SFGZ&gcs=G100&z=1272976160

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 06:15:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28602
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ Frame DC09 1 KB
2 KB 647ms
647ms Script
text/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=43726&account_id=944083&title=LEVC%20%7C%20London%20Electric%20Vehicle%20Company&url=https%3A%2F%2Flevc.com%2F&referrer=https%3A%2F%2Fjikkosoft.com%2F

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-5-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

36c0df967f570cb648aea84e9000e37724d9d95fcaefdd70043e57f8b373994c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 14:11:47 GMT
content-encoding: gzip
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 533
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK analytics Show response
m.levc.com/ Frame DC09 50 B
1 KB 664ms
219ms Script
text/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://m.levc.com/analytics?conly=true&visitor_id=110413894&visitor_id_sign=7942d152c3b0a61028a87727745f149a9772bd6594b2de31ab31e81e5b6ea0b448a9c520060b9bb588ad60ec9fb631a3b8405aef&pi_opt_in=&campaign_id=43726&account_id=944083&title=LEVC%20|%20London%20Electric%20Vehicle%20Company&url=https://levc.com/&referrer=https://jikkosoft.com/
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=43726&account_id=944083&title=LEVC%20%7C%20London%20Electric%20Vehicle%20Company&url=https%3A%2F%2Flevc.com%2F&referrer=https%3A%2F%2Fjikkosoft.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://levc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 14:11:48 GMT
X-Pardot-Route: eb06fc631066edc75188604bf4f20e9d
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.owapass.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: a6e48b9e9d2653435be7b61998d8624b44115214104213d6c8b8c526cc56dc70
.owapass.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: a6e48b9e9d2653435be7b61998d8624b44115214104213d6c8b8c526cc56dc70
jikkosoft.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4d49f793bb0f3cd54b361d19f58cec84
jikkosoft.com/	1970-01-20 01:27:15	Name: cookieTest Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scontent-muc2-1.xx.fbcdn.net/v/t51.2885-15/235868273_590350269004345_3470853387497580800_n.jpg?_nc_cat=110&ccb=1-5&_nc_sid=86c713&_nc_ohc=X8-mBS2EwEQAX-svtSS&_nc_ht=scontent-muc2-1.xx&edm=AL-3X8kEAAAA&oh=00_AT8cB1zvNJDMT3zDMkqLwtMFFniWutDkXzLT9AW7508Exg&oe=62288B69 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiebot.com
consentcdn.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
images1-focus-opensocial.googleusercontent.com
jikkosoft.com
levc.com
logo.clearbit.com
m.levc.com
owapass.azurewebsites.net
pi.pardot.com
scontent-muc2-1.cdninstagram.com
scontent-muc2-1.xx.fbcdn.net
webmail.torstar.com
www.google-analytics.com
www.googletagmanager.com
www.levc.com
13.32.121.17
192.206.144.52
20.40.202.35
2606:4700:3037::6815:53e7
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a02:26f0:6c00:281::f09
2a02:26f0:fb::5f64:99a9
2a03:2880:f057:10:face:b00c:0:3
2a03:2880:f257:ca:face:b00c:0:43fe
35.174.78.146
80.158.4.25
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
0cf9dc1fde0cc87d471eeb293700e7488967fa876929ea8e15005976c53ad437
12ecd5d2c7c044730560598d5b441e2aef8737e94a89c982e250ea59ca0e4460
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
17cc74c2735a6831df5b74484d2af95a46c1ce06d69992f8cd9d355cb0bb6fc9
1e456732101a211bab26bbc00ef1b1b1c46e206be34e57d4239a21d15a0f0b82
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
28ad0601899ef52974c293e92bfd824476f3552912e234c00960942d11779fec
2b4011b86e70d2c5446ceff03fb0ca8c69aa7c0ad57d5030aa1d56f6e5d50b27
2c7deb12dd82c851c24560be2ab2fc70fe5c35cd7efff03eaa1c9851a1a9751c
3086a32053f79b6871eec001790b9bf29ef8440a87e339cc33dbd71409ea5cc5
36c0df967f570cb648aea84e9000e37724d9d95fcaefdd70043e57f8b373994c
4493416e79510d70f7126227417d64a9eecb8f12b925bb2ebbc7bb62643a9ca9
4848215f9d3165c51b9d329ae152b2aadeb88492b334996dfc30aec5013803c9
4f3e3ccaa9b9906853ced0aeea38ec660125d3be45c4606f7b2a8c43c902f1c5
5146bdd2eb066cbb7ef33da5bbd2c709a5680f9458fa5eca503512d99d1e0453
58569b6945a01123032741b2cf0652da670655f3830d215acbc130380b220355
58c87bd2b89dc90a862e4c6293f20390f52fdb1e685788d7ffe7de1636ad5020
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5f6f4742147cf363c38bf5baa7dcbc057c3abb4a34b195837e1aaf611c166313
6da249cfb9cea57b5c1c44f5bdd47a70f717611e9242b3d1620ca9a69f99991b
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e25796886304a03374ede4d181edfb7182420a6ef96cde52dd7194a917fe2e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837a1089d1c35f12b1a83a6aefc90a130b7d469a1681173ef6e42bb8bf445fa5
84a08d3164157b2331bb874dce14fd50a93c591e6e0aeb766a72d96b2e0f03cd
8a215c8d8221eec7386898f400cef94d15a4132e2b27ed002f5e8bdc3a267502
90f1f0cdf85c481c641807bac089335e35f5696de6e57647bc696f04bdc66c17
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
912336b3c4d93cec86b3570a6aa99ada061a5120b6b494d34e8a7ce8dc2b0fc5
94e4a4636e34309db84da378649112226c9272c44edd5988bdd0f39c9973c074
97ae4c70e082c4be03d41789e8ac9496b0911c8c456844576cade5c6070d9627
9a9adb349b2cbcd9821566e674eabed471c9f3425192e8fa95e29e0c699f215c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9f34d713e98770e7571fcb746a80448d221d850b50c414a7f5834f37c627be5
aaf5c9d54cb740e15bf0bb31b89f687da4ebbd6e9ec99c776a690286369e9c97
b23254caa13f2ab0b5efce1a91a5938dc79fd4bead158acb5133382d6a1dd317
b9033bca2516ec2317e5c11c85a8a088e5858d8819af6402a1b88cf024b8978a
b97bab9bf4fca8d386ef5fc83cd58b492f2132e2d28053ade2f212a8b151b0c4
bb63e683aade2271ff4f76ea0189e3008cd044a7d3eb1c31965e9b24153c252d
bf9a7d642c3575e7e97964c6879f2b0df69bbe506c78524b500ab8ae1fa288da
c263cca7dc92faa70db8ad08cab1041d2a8f5b99d0f29803393cfa10f53e288b
c28cadafd44273bdd92841d8980f1939158c615cda611f9bdfe66a1773c1b932
c6777c8b1656f42b103fca3d868b8dab3db7ce04597ba3877a6e8df9d16b264d
ca7cb21ef66763818458394f8ebfa7b981b6f637f6e77ce724eb84b79686c4ae
cb39e2e9178e102fdfa9e8c3ab3abf57ee6bee6f35389536f7e6bfd1b454a76e
d06f73fa9720e93096ac4efc07485d0f09aaf3535950241af139eea0b7dd11fc
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d3f899c8bb1966f1c827d6ca1349beb6688c8aa8922ddae332f750b806822c17
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd7aed030f818e510790ea5dcd27662ab34fecc9da6e8f0c432331d64541265b
e020fe384e6b7ca4629d67540ea087125f55bd43864f3caf2263e889a33d9203
e2edd1c0ce07b5199dca81995c0fb2a7d514c1ec8963c1f29c80b59c9de0e94e
ec6693b047cc1608435ab531177863bf291369b6c4bbb382aaadcd9ac3b4d5ef
ee17c6ddc17d6a694add5b3ff58b6aef8981f5269a726588e6086a427a9a0b77
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc8b92fb7ac5d8c8a66154a29abe93aad6fd7ceaa21fa5b0a71213f8e8c167df

jikkosoft.com Open in urlscan Pro 2606:4700:3037::6815:53e7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

67 %IPv6

14 Domains

17 Subdomains

14 IPs

3 Countries

3206 kBTransfer

4287 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jikkosoft.com Open in urlscan Pro
2606:4700:3037::6815:53e7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

17
Subdomains

14
IPs

3
Countries

3206 kB
Transfer

4287 kB
Size

4
Cookies

61 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!