www.levitravrd.com Open in urlscan Pro
2606:4700:3037::ac43:9363 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://canadianonlinepharmacyrgby.com/
Effective URL:
http://www.levitravrd.com/
Submission: On February 07 via api (February 7th 2022, 7:50:07 pm UTC) from CA — Scanned from CA

Summary HTTP 37 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 21 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3037::ac43:9363, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.levitravrd.com.

This is the only time www.levitravrd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:5db8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6815:e87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::6815:3120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:99a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::6815:5ba1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:dc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::6815:2fd5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::ac43:9363	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:3e48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2607:f8b0:400... 2607:f8b0:4006:806::2001	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:20:... 2606:4700:20::681a:3da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::ac43:a98c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2009	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	146.75.32.193 146.75.32.193	54113 (FASTLY) (FASTLY)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f001:b:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
37	14

1 2606:4700:3034::6815:5db8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

canadianonlinepharmacyrgby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:e87 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gamexslots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3120 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tadalafilexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:99a4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.generictadalafil20mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:5ba1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.creditscorecheckn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:dc16 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.plfored.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:2fd5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.sildenofil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:9363 (United States)

ASN13335 (CLOUDFLARENET, US)

www.levitravrd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3e48 (United States)

ASN13335 (CLOUDFLARENET, US)

t24reklam.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:3da (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i.hizliresim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:a98c (United States)

ASN13335 (CLOUDFLARENET, US)

velocitycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2009 (United States)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f001:b:face:b00c:0:3 (Seattle, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 10950 2.bp.blogspot.com — Cisco Umbrella Rank: 11108 1.bp.blogspot.com — Cisco Umbrella Rank: 8202 4.bp.blogspot.com — Cisco Umbrella Rank: 11201	2 MB
3	hizliresim.com 1 redirects i.hizliresim.com — Cisco Umbrella Rank: 88536	2 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293	96 KB
3	levitravrd.com www.levitravrd.com	101 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	82 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	velocitycdn.com velocitycdn.com — Cisco Umbrella Rank: 311115	14 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427	83 KB
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 32495	1 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5174	41 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 8761	56 KB
1	t24reklam.xyz t24reklam.xyz — Cisco Umbrella Rank: 809433	791 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
1	sildenofil.com 1 redirects www.sildenofil.com	704 B
1	plfored.com 1 redirects www.plfored.com	704 B
1	creditscorecheckn.com 1 redirects www.creditscorecheckn.com — Cisco Umbrella Rank: 869567	705 B
1	generictadalafil20mg.com 1 redirects www.generictadalafil20mg.com	719 B
1	tadalafilexpress.com 1 redirects www.tadalafilexpress.com	724 B
1	gamexslots.com 1 redirects www.gamexslots.com	708 B
1	canadianonlinepharmacyrgby.com 1 redirects canadianonlinepharmacyrgby.com	720 B
37	21

	Domain	Requested by
9	1.bp.blogspot.com	www.levitravrd.com
3	i.hizliresim.com	1 redirects www.levitravrd.com
3	2.bp.blogspot.com	www.levitravrd.com
3	ajax.googleapis.com	www.levitravrd.com
3	www.levitravrd.com	www.levitravrd.com
2	connect.facebook.net	www.levitravrd.com connect.facebook.net
2	fonts.gstatic.com	www.levitravrd.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	velocitycdn.com	www.levitravrd.com velocitycdn.com
2	stackpath.bootstrapcdn.com	www.levitravrd.com stackpath.bootstrapcdn.com
1	youradexchange.com	velocitycdn.com
1	i.imgur.com	www.levitravrd.com
1	www.blogger.com	www.levitravrd.com
1	4.bp.blogspot.com	www.levitravrd.com
1	3.bp.blogspot.com	www.levitravrd.com
1	t24reklam.xyz	www.levitravrd.com
1	www.googletagmanager.com	www.levitravrd.com
1	www.sildenofil.com	1 redirects
1	www.plfored.com	1 redirects
1	www.creditscorecheckn.com	1 redirects
1	www.generictadalafil20mg.com	1 redirects
1	www.tadalafilexpress.com	1 redirects
1	www.gamexslots.com	1 redirects
1	canadianonlinepharmacyrgby.com	1 redirects
37	24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
bit.ly
twitter.com
t.me
iptvoldhd.com
www.google.com.tr
www.dapoxetine911.com
www.creditscorecheckn.com
youradexchange.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.hizliresim.com E1	`2022-01-30` - `2022-04-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-17` - `2022-02-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.levitravrd.com/
Frame ID: 9A4470AAA3F133B23931A556AD31886E
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trgool TV | Canlı maç izle, Taraftarium24, Maç izle

Page URL History Show full URLs

http://canadianonlinepharmacyrgby.com/ HTTP 301
http://www.gamexslots.com/ HTTP 301
http://www.tadalafilexpress.com/ HTTP 301
http://www.generictadalafil20mg.com/ HTTP 301
http://www.creditscorecheckn.com/ HTTP 301
http://www.plfored.com/ HTTP 301
http://www.sildenofil.com/ HTTP 301
http://www.levitravrd.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

73 %
HTTPS

90 %
IPv6

21
Domains

24
Subdomains

14
IPs

1
Countries

2167 kB
Transfer

2891 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Taraftarium24-Canl%C4%B1-Ma%C3%A7-%C4%B0zle-109043784180537

Search URL Search Domain Scan URL

URL: https://www.twitter.com/taraftarium24k

Search URL Search Domain Scan URL

URL: https://bit.ly/3mxYmXu

Search URL Search Domain Scan URL

URL: https://twitter.com/taraftaryum24
Title: twitter

Search URL Search Domain Scan URL

URL: http://t.me/taraftarium24
Title: telegram

Search URL Search Domain Scan URL

URL: http://iptvoldhd.com/

Search URL Search Domain Scan URL

URL: https://www.google.com.tr/
Title: Google

Search URL Search Domain Scan URL

URL: http://www.dapoxetine911.com/
Title: Taraftarium24

Search URL Search Domain Scan URL

URL: http://www.creditscorecheckn.com/
Title: Trgool

Search URL Search Domain Scan URL

URL: http://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://canadianonlinepharmacyrgby.com/ HTTP 301
http://www.gamexslots.com/ HTTP 301
http://www.tadalafilexpress.com/ HTTP 301
http://www.generictadalafil20mg.com/ HTTP 301
http://www.creditscorecheckn.com/ HTTP 301
http://www.plfored.com/ HTTP 301
http://www.sildenofil.com/ HTTP 301
http://www.levitravrd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://i.hizliresim.com/gA73WQ.gif HTTP 301
https://i.hizliresim.com/gA73WQ.gif

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.levitravrd.com/
Redirect Chain

http://canadianonlinepharmacyrgby.com/
http://www.gamexslots.com/
http://www.tadalafilexpress.com/
http://www.generictadalafil20mg.com/
http://www.creditscorecheckn.com/
http://www.plfored.com/
http://www.sildenofil.com/
http://www.levitravrd.com/

156 KB
36 KB

521ms
483ms

Document
text/html

2606:4700:3037::ac43:9363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.levitravrd.com/

Protocol

HTTP/1.1

Server

2606:4700:3037::ac43:9363 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2bad62f8f795fa6cd9e587128109934a13938fa06b9bb5d1700643854088f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Date: Mon, 07 Feb 2022 19:50:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Mon, 07 Feb 2022 19:50:01 GMT
cache-control: private, max-age=0
last-modified: Mon, 07 Feb 2022 16:31:25 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoL1TTnTsvfhenassO1DIFmUdJJrLmfZKZgiWpV3n2oebWe4uYYM6fdkAiiBxNRKI%2BrSq0Gf%2BlIxlCMaMLJGi83MriF%2B2VmezSK6%2F9qy0y6YFlXCZlFkf%2F3CodVrAp5Zl4B5KsWqclS70%2BlxxvF0lnY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6d9f25125a624bb8-YUL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Mon, 07 Feb 2022 19:50:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 07 Feb 2022 20:50:01 GMT
Location: http://www.levitravrd.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFmpe3xwFoRQ500ObL2GVE%2FEu1eXMnIArqY2pO7l7JskK7qrysYl6BQmFAreSbaPmfNspwadBct9r15FWoQ9AHpRHxQS0n%2B20OYydTdBOdC9mFg0CW99XDYBHkwJLykF4enq%2Bv%2BWlKQYj1Bz9mvTSDI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d9f2511ecd37150-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 99ms
50ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129743549-5

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed416dc7602740079f4fd4a83bc61a063f465ac52cb3e37414fcb27a1fa6af5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35988
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 19:50:01 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 70ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617
age: 9952540
cdn-cachedat: 2021-06-08 14:35:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8e03a0f40ac23c08b1fbc5b05ccb27fd
cdn-requestcountrycode: US
cf-ray: 6d9f2515ddec4bd0-YUL
cdn-cache: HIT
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 73ms
21ms Script
text/javascript 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 05:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Feb 2023 05:04:41 GMT

GET
H/1.1 200
OK gizle.css
t24reklam.xyz/trgool/ 28 B
791 B 235ms
200ms Stylesheet
text/css 2606:4700:3037::6815:3e48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://t24reklam.xyz/trgool/gizle.css
Requested by: Host: www.levitravrd.com
URL: http://www.levitravrd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be390ba764557e705bc0dd328e1b686bc9aef39e569037093975b8f2658e4c3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 19:50:02 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28
last-modified: Mon, 07 Feb 2022 05:40:50 GMT
Server: cloudflare
etag: "6200b0e2-1c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gyWfXtjs3xfdyiZ9fxEQS4uV1ifkz7jxmDaouYR%2FC9s81odPS0DB5fZiWVFNvy1OhRvu%2FoGbI0OCMJQq6CxPygXFUX59Rn1auWGtKZ3JaudWS2CHG6MHhWE%2FQune9JpUsKZhf7ECJGPUivS"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d9f2515db9cecf2-YUL

GET
H2 200 3e2589866bb824f48d1018009ea27f31.png
3.bp.blogspot.com/-uO-cBaYmy0E/YDUxnrA9vZI/AAAAAAAAA9I/gE_-ioTjkXITVaf22FVBMRZFcR-vNkPdwCK4BGAYYCw/s1600/ 22 KB
22 KB 101ms
44ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-uO-cBaYmy0E/YDUxnrA9vZI/AAAAAAAAA9I/gE_-ioTjkXITVaf22FVBMRZFcR-vNkPdwCK4BGAYYCw/s1600/3e2589866bb824f48d1018009ea27f31.png

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9cbc5047776a92b4b58e5a7e95f6e1f9f54b16407e22238652a429a157a1f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="3e2589866bb824f48d1018009ea27f31.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22314
x-xss-protection: 0
server: fife
etag: "v3d3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 29 Jan 2022 14:54:48 GMT

GET
H2 200 mobile.png
2.bp.blogspot.com/-YnTz6RQTYKE/Xudi7MFI0TI/AAAAAAAAAnQ/7cMCPfLMEOwFjcRm7mHtcwLE7Ke7Tt_zACK4BGAYYCw/s150/ 4 KB
4 KB 77ms
21ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-YnTz6RQTYKE/Xudi7MFI0TI/AAAAAAAAAnQ/7cMCPfLMEOwFjcRm7mHtcwLE7Ke7Tt_zACK4BGAYYCw/s150/mobile.png

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

863e0522f767a610615e951bceaae184b4d586a603f9032dc7899f1a509ab30d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
age: 11718
content-disposition: inline;filename="mobile.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4082
x-xss-protection: 0
server: fife
etag: "v275"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 00:33:54 GMT

GET
H2 200 1000X50savoy.gif
1.bp.blogspot.com/-7ofbMUgg0HQ/YI1bMjr20CI/AAAAAAAAA_g/NUbjvuWkVJ4YUtLAzODfQf_Bnlnv6TTBACLcBGAsYHQ/s0/ 568 KB
568 KB 77ms
22ms Image
image/gif 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7ofbMUgg0HQ/YI1bMjr20CI/AAAAAAAAA_g/NUbjvuWkVJ4YUtLAzODfQf_Bnlnv6TTBACLcBGAsYHQ/s0/1000X50savoy.gif

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

885cb7fbc64c680658eab2e83b97a37af98ed10e983640306be027a14e13d763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
age: 11718
content-disposition: inline;filename="1000X50savoy.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581394
x-xss-protection: 0
server: fife
etag: "v3f9"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 19:27:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 08:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Feb 2023 08:00:39 GMT

GET
H2

200

gA73WQ.gif
i.hizliresim.com/
Redirect Chain

http://i.hizliresim.com/gA73WQ.gif
https://i.hizliresim.com/gA73WQ.gif

34 B
517 B

193ms
138ms

Image
image/webp

2606:4700:20::681a:3da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hizliresim.com/gA73WQ.gif
Requested by: Host: www.levitravrd.com
URL: http://www.levitravrd.com/
Protocol: H2
Server: 2606:4700:20::681a:3da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8CEAF2FFE7495355
cf-polished: origFmt=gif, origSize=64
content-disposition: inline; filename="gA73WQ.webp"
content-length: 34
x-amz-id-2: ggKoZCvrKWHXsfK5U3rjPW8nMMfet0BBhHRUbietQE/uWdCdElZUch7HjjzLPHfxkl3MOCZeRBtQ
last-modified: Thu, 06 Sep 2018 04:20:11 GMT
server: cloudflare
etag: "8bff1882bc3d32bba33f375d25904f04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BQ%2F3w37az2FesQFjrt73C9jBLee6I7%2Fd4HR0P4DZ3nyKbcEBcSfvp4ojuw443CBgMck%2BYij%2BHnwUfYxEorQcDVxHtkLgkJqLYjYlQ4sBtktXP8ANABfBdMJjsJbzXQAkdloijYG1JVbpybFfEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d9f25182de07138-YUL
cf-bgj: imgq:100,h2pri

Redirect headers

Date: Mon, 07 Feb 2022 19:50:02 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4cTpHNjOpfQkN7wHBrIv1ECgaYySkGHgg%2F2Xvqb%2FzO6fiUIvQKwpisa48wBO2SCEokjdYGGpTWCgr1CwZ2pChnvh78nRmRZHxaxSgckjjStieEVyYSiHyAnyq3t3ZkTMALCTgl9SUeWuk40Zrs%3D"}],"group":"cf-nel","max_age":604800}
Location: https://i.hizliresim.com/gA73WQ.gif
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d9f25175fc2ecf6-YUL
Expires: Mon, 07 Feb 2022 20:50:02 GMT

GET
H2 200 468X60.gif
1.bp.blogspot.com/-NQauXWk1khA/YI6SIuHGrtI/AAAAAAAAADM/3Tr1rwNIeIUohD06QbII_ZOZnl25By_6wCNcBGAsYHQ/s16000/ 746 KB
746 KB 98ms
44ms Image
image/gif 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NQauXWk1khA/YI6SIuHGrtI/AAAAAAAAADM/3Tr1rwNIeIUohD06QbII_ZOZnl25By_6wCNcBGAsYHQ/s16000/468X60.gif

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

48e0ab0fd569039b938083f082857af58b4622dcbe6e61920cebaf7d09e739da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
age: 11718
content-disposition: inline;filename="468X60.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 763480
x-xss-protection: 0
server: fife
etag: "v34"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 17:30:26 GMT

GET
H2 200 jestyayin_izle.jpg
1.bp.blogspot.com/-nqEFRvoIVRQ/XlraOzIWC-I/AAAAAAAAAfQ/y-JZYXcgUU8JSfxrk4IFrZo1or_aaDQUwCLcBGAsYHQ/w680/ 31 KB
31 KB 174ms
121ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nqEFRvoIVRQ/XlraOzIWC-I/AAAAAAAAAfQ/y-JZYXcgUU8JSfxrk4IFrZo1or_aaDQUwCLcBGAsYHQ/w680/jestyayin_izle.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b4eed171d41cbbf254994112170ad7d3c6e09f0d6c9b90be4dcc9dcf66a5cb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="jestyayin_izle.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32044
x-xss-protection: 0
server: fife
etag: "v1f5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 29 Jan 2022 23:21:45 GMT

GET
H2 200 trgool_tv_izle.jpg
1.bp.blogspot.com/-yW2IcMIQpM4/XlrXOU-o8cI/AAAAAAAAAfE/fTQl8V3PCacVnqwPRE4wwn9evq_2rGq7QCLcBGAsYHQ/w680/ 24 KB
24 KB 174ms
122ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-yW2IcMIQpM4/XlrXOU-o8cI/AAAAAAAAAfE/fTQl8V3PCacVnqwPRE4wwn9evq_2rGq7QCLcBGAsYHQ/w680/trgool_tv_izle.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

95726bf49ae5a40a17fe6fe62dc660f9079ab21a6293fc59be526471f3c060ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="trgool_tv_izle.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24069
x-xss-protection: 0
server: fife
etag: "v1f2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 05:06:18 GMT

GET
H2 200 kacak_mac_izle.jpg
1.bp.blogspot.com/-Upf0_9nNvLs/XlrVLk5ueKI/AAAAAAAAAe4/Ba2aL-kRWtwiXIkNUWjIb2iCT5FqKXp8ACLcBGAsYHQ/w680/ 30 KB
31 KB 170ms
119ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Upf0_9nNvLs/XlrVLk5ueKI/AAAAAAAAAe4/Ba2aL-kRWtwiXIkNUWjIb2iCT5FqKXp8ACLcBGAsYHQ/w680/kacak_mac_izle.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5e008386f2201a801835557867c1ba60a3c6c606f3a92c5792cc0903c2142307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="kacak_mac_izle.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31135
x-xss-protection: 0
server: fife
etag: "v1ef"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 05:06:18 GMT

GET
H2 200 jtv_izle.jpg
1.bp.blogspot.com/-YNdjwOgXXGM/XlrTKpFmHyI/AAAAAAAAAes/8TsA7gpp5sIyiHlYq59Aab820-SfXlLygCLcBGAsYHQ/w680/ 10 KB
10 KB 169ms
118ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YNdjwOgXXGM/XlrTKpFmHyI/AAAAAAAAAes/8TsA7gpp5sIyiHlYq59Aab820-SfXlLygCLcBGAsYHQ/w680/jtv_izle.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a5c5f105334528e0b8476b0983bef83035ae7f869ecaa8ddeb67326663dd65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="jtv_izle.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10305
x-xss-protection: 0
server: fife
etag: "v1ec"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 05:06:18 GMT

GET
H2 200 chat.jpg
1.bp.blogspot.com/-gNdCkA4MWrQ/YIVFBXlDNgI/AAAAAAAAADE/o8mJh9_TEFImrrBJL0qi-0Tar_9rRvLswCNcBGAsYHQ/w200-h27/ 3 KB
3 KB 135ms
132ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-gNdCkA4MWrQ/YIVFBXlDNgI/AAAAAAAAADE/o8mJh9_TEFImrrBJL0qi-0Tar_9rRvLswCNcBGAsYHQ/w200-h27/chat.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da0853468dec93ee93784a9edfae83dad004fed3089cd489f1e4d84c72c6814b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="chat.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2639
x-xss-protection: 0
server: fife
etag: "v32"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 11:17:53 GMT

GET
H2 200 oldiptv%2B%25281%2529.jpg
1.bp.blogspot.com/-E06ZzPMrZ88/X932ANGMLqI/AAAAAAAAA6s/bd9M0HQSnS8CZCcLqv6LaIL3axfHz4C8gCLcBGAsYHQ/s0/ 46 KB
46 KB 104ms
102ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-E06ZzPMrZ88/X932ANGMLqI/AAAAAAAAA6s/bd9M0HQSnS8CZCcLqv6LaIL3axfHz4C8gCLcBGAsYHQ/s0/oldiptv%2B%25281%2529.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

30385444f2e3a8311bf5774fcc58a866aad84eddbf64bbcfcca45525e40b37c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:49:32 GMT
x-content-type-options: nosniff
age: 30
content-disposition: inline;filename="oldiptv (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47351
x-xss-protection: 0
server: fife
etag: "v3ac"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 18:12:24 GMT

GET
H/1.1 200
OK suv4.js Show response
velocitycdn.com/script/ 25 KB
9 KB 84ms
51ms Script
text/javascript 2606:4700:3030::ac43:a98c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://velocitycdn.com/script/suv4.js
Requested by: Host: www.levitravrd.com
URL: http://www.levitravrd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:a98c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 314f3228df2bf5a810714bc58d112483ae3ff32b68e35f6c235d7f298cce1b85

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=0kdGXw==, md5=6JAxf0lTq6f/Ttxj80T/RQ==
Date: Mon, 07 Feb 2022 19:50:02 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtrE37fjFJnoXd5TjTcbd7AM-ltPhMf3tnPMr_r3I8wt_O0-Hr8HD5PZDxeqIyekclUsPev8MLPbUcIaL4JaB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 13:32:16 GMT
Server: cloudflare
etag: W/"e890317f4953aba7ff4edc63f344ff45"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFYlbLmvAYPxTU2Rd3YseW7j5DpaiYt9d5xwmw3eagTiZFC3zTqLHopQFf3Pv9QYfJU0nZNL0mjMA2zLoExnzD0ATwtSr28EYWw8h8HWx%2BOoge03IZkitye8FSYj%2F%2FsnDmoQNzrC3agrTp8%2F4HM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644240736927994
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 25433
CF-RAY: 6d9f2516d92cca47-YUL
expires: Mon, 07 Feb 2022 20:47:00 GMT

GET
H2 200 tivibusporizle.jpg
1.bp.blogspot.com/-_MbEgRE_eCE/XZCJ6a4_fiI/AAAAAAAAAQE/gYySiZe4V7smZnH7HxEiP2fpGzfL0sZPQCLcBGAsYHQ/w680/ 7 KB
7 KB 138ms
135ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_MbEgRE_eCE/XZCJ6a4_fiI/AAAAAAAAAQE/gYySiZe4V7smZnH7HxEiP2fpGzfL0sZPQCLcBGAsYHQ/w680/tivibusporizle.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c4c9b01cd53fa2c4e96d9b9d814a6682933bf5b98b83b7e304062d61f6fe3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="tivibusporizle.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7149
x-xss-protection: 0
server: fife
etag: "v102"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 29 Jan 2022 14:54:48 GMT

GET
H2 200 unknown.jpg
4.bp.blogspot.com/-0aSa-ufNdxw/X0PzLdodTTI/AAAAAAAAArk/nEuVkznC9rY44QoKlbY2GijMykHc1qkhwCLcBGAsYHQ/s200/ 45 KB
45 KB 94ms
46ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-0aSa-ufNdxw/X0PzLdodTTI/AAAAAAAAArk/nEuVkznC9rY44QoKlbY2GijMykHc1qkhwCLcBGAsYHQ/s200/unknown.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

912d05000bf72981793bd35136521eb67ad5358ae92c1512ae3c5a98e108e825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unknown.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45999
x-xss-protection: 0
server: fife
etag: "v2ba"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 19:00:35 GMT

GET
H2 200 taraftarium.jpg
2.bp.blogspot.com/-V4OiC2NCnLs/XAz54WwTQqI/AAAAAAAAAC4/OgWPvvtnT_0J8Qf9bVtttJMXIR4LtCEEQCLcBGAs/w680/ 42 KB
42 KB 47ms
44ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-V4OiC2NCnLs/XAz54WwTQqI/AAAAAAAAAC4/OgWPvvtnT_0J8Qf9bVtttJMXIR4LtCEEQCLcBGAs/w680/taraftarium.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fd4443ea8a65543d4c7305997fa7f99a442774d5a38e9f5aae162f067a168d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="taraftarium.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42607
x-xss-protection: 0
server: fife
etag: "v30"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 29 Jan 2022 13:57:33 GMT

GET
H2 200 bein-sports-logo_tem8tks9zexo1wcor7mq0yv7p.jpg
2.bp.blogspot.com/-xpBSq6t2Vos/XKnhkCUdPOI/AAAAAAAAAHM/HIwpejxMoeog1hXvEpIfycCvCokvc5ixgCLcBGAs/w680/ 23 KB
23 KB 23ms
21ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-xpBSq6t2Vos/XKnhkCUdPOI/AAAAAAAAAHM/HIwpejxMoeog1hXvEpIfycCvCokvc5ixgCLcBGAs/w680/bein-sports-logo_tem8tks9zexo1wcor7mq0yv7p.jpg

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9d52a6b83b6862039be6f7d5aef549c7a5338bf62f6746110cd79e90f95fd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:57:51 GMT
x-content-type-options: nosniff
age: 10331
content-disposition: inline;filename="bein-sports-logo_tem8tks9zexo1wcor7mq0yv7p.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23853
x-xss-protection: 0
server: fife
etag: "v74"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 29 Jan 2022 13:57:33 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 04:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Feb 2023 04:48:49 GMT

GET
H2 200 1596290430-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
56 KB 93ms
22ms Script
text/javascript 2607:f8b0:4006:81e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1596290430-widgets.js

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8687dc4e9499d7c7348ace8f698a38368c4333a833468c4042b691f966b6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 23:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57166
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 16:52:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 03 Feb 2023 23:02:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 108ms
20ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129743549-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5146
date: Mon, 07 Feb 2022 18:24:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Feb 2022 20:24:16 GMT

GET
H/1.1 200
OK /
www.levitravrd.com/ 62 KB
62 KB 139ms
138ms Image
text/html 2606:4700:3037::ac43:9363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.levitravrd.com/

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

HTTP/1.1

Server

2606:4700:3037::ac43:9363 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 19:50:02 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Feb 2022 16:31:25 GMT
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70zs1NQLJkXfX2dtzwym%2BGrPW08PJ9TVvO7voj%2FovwCczIk6s2Xs%2B48Xoa%2BW8slLwzfx8lMEZJEFPuBWdOLKe3tiOnnISflqnuiSwGrUGG3p59LGgXROaKj05nA3DOhG450uNOOMndUlNnvTthsim4Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
cache-control: private, max-age=0
CF-RAY: 6d9f251759354bb8-YUL
expires: Mon, 07 Feb 2022 19:50:02 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 156ms
129ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://www.levitravrd.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 13:49:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d308befec5cbca47a98aa97151bcdb51
accept-ranges: bytes
cf-ray: 6d9f25175b257157-YUL
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 39ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.levitravrd.com/
Origin: http://www.levitravrd.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 19:23:39 GMT
X-Content-Type-Options: nosniff
Age: 260783
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16692
X-XSS-Protection: 0
Last-Modified: Thu, 28 Oct 2021 00:32:10 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Sat, 04 Feb 2023 19:23:39 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v27/ 13 KB
13 KB 43ms
21ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41eca038a89407c0b40c67b7140642ab8994df016e11179016278bd7ad76564c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.levitravrd.com/
Origin: http://www.levitravrd.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 16:21:09 GMT
X-Content-Type-Options: nosniff
Age: 444533
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12956
X-XSS-Protection: 0
Last-Modified: Thu, 28 Oct 2021 00:30:41 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 02 Feb 2023 16:21:09 GMT

GET
H2 200 rcjOUqU.png
i.imgur.com/ 40 KB
41 KB 114ms
27ms Image
image/png 146.75.32.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/rcjOUqU.png

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b31e1c4da5699c8b7432f585d46a43a5d534afe18fc46f01a1fbfbba9de51d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
age: 253320
x-cache: HIT
content-length: 41398
x-served-by: cache-iad-kjyo7100117-IAD
last-modified: Wed, 12 May 2021 16:02:18 GMT
server: cat factory 1.0
x-timer: S1644263402.291522,VS0,VE1
etag: "8e22c6e53662f2a98631699c2c66ff51"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 HwXzl8.jpg
i.hizliresim.com/ 360 B
1 KB 106ms
34ms Image
image/webp 2606:4700:20::681a:3da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hizliresim.com/HwXzl8.jpg
Requested by: Host: www.levitravrd.com
URL: http://www.levitravrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8983069f9cd89c9d4234039d1fa6d008a64c9c5a229cc7e1a49612b679541af4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 19:50:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 205542
cf-polished: origFmt=jpeg, origSize=553
content-disposition: inline; filename="HwXzl8.webp"
x-amz-request-id: 9A266BD208BBF213
x-amz-id-2: 8nKrKcH/Fwiwc02ttD/zv7yygnQKTzTTlaP+IERzvMVl9HE7qVjZBJQyet9tnFIBEx5nWPs2WNrz
last-modified: Thu, 18 Feb 2021 11:38:44 GMT
server: cloudflare
etag: W/"3f880f9304a0358e257dd87b337c5c91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdHvGCFq%2Brky7pGaOXTkHI93%2FdUkdwer5pZkfhiGq%2FMPH8kncheKqiy6EcFAWhwJlK0sYnKeAlUSTArv5Z8OdwNaq1alrFGXAheXH%2BuGBlhfdA8A14txPU%2Bs2OsjHQ7h7kgwuJbIM%2F%2BDez3xfBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 11 Feb 2022 11:10:02 GMT
cache-control: max-age=604800
cf-ray: 6d9f25182ddf7138-YUL
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK ut.js Show response
velocitycdn.com/script/ 15 KB
6 KB 55ms
55ms Script
text/javascript 2606:4700:3030::ac43:a98c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://velocitycdn.com/script/ut.js?cb=1644263402198
Requested by: Host: velocitycdn.com
URL: http://velocitycdn.com/script/suv4.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:a98c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ==
Date: Mon, 07 Feb 2022 19:50:02 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtOtsq1J1FyjE1HS19bLI97kLdg_H4ug4WXu4sNrxEu8Xmjb1K6rOrXpWC6FfACdt3Fmc0WRpa7QYpD5obOqIk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Feb 2022 12:22:51 GMT
Server: cloudflare
etag: W/"1e3e1b7d88d8f85d315c97184a256f79"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtGGypnXHh1hLY0jdmCbTivavRE3%2FY7Bme9uNin%2B83lnrdQhBsmwXocrrD1PL3CGSSW0021nGkRZc4Y3qh9nO%2Bx5mY5bs6pNAfcXG90So%2FPe4sxuaRab2F%2BmRZeyTsg74T5zttay6j0mCzQGTMQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643890971548728
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 15378
CF-RAY: 6d9f2517da2aca47-YUL
expires: Mon, 07 Feb 2022 20:06:49 GMT

GET
H/1.1 200
OK suurl4.php Show response
youradexchange.com/script/ 1 KB
1 KB 131ms
109ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/script/suurl4.php?r=2618807&cbur=0.7905365020780035&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Trgool%20TV%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%2C%20Taraftarium24%2C%20Ma%C3%A7%20izle&cbpage=http%3A%2F%2Fwww.levitravrd.com%2F&cbref=&cbdescription=Trgool%20canl%C4%B1%20ma%C3%A7%20izlemek%20isteyenler%20i%C3%A7in%20canl%C4%B1%20ma%C3%A7%20izle%20hizmeti%20vermektedir.%20Taraftarium24%2C%20taraftarium%20izle%2C%20taraftarium%20tv.%20Trgool%20tv%20ma%C3%A7%20izle&cbkeywords=&cbcdn=velocitycdn.com&aggr=0
Requested by: Host: velocitycdn.com
URL: http://velocitycdn.com/script/suv4.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 356602629a298d4f53a99cb89afca3218cdff38090efb2fe04275b8e6040dfb9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Feb 2022 19:50:02 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK summary Show response
www.levitravrd.com/feeds/posts/ 4 KB
2 KB 328ms
309ms Script
text/javascript 2606:4700:3037::ac43:9363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.levitravrd.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

HTTP/1.1

Server

2606:4700:3037::ac43:9363 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8344cefd9875d932e67eac21a6601f57f47e00f198cf6d3bf09cb974e32f510a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 19:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1486
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:31:25 GMT
Server: cloudflare
etag: W/"7c26ce7f3a54c0167f9ecf214c4403968516bf1470334158979c9b9c8c2ba5a1"
x-frame-options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXms4wFNo9egPhwOEoL7M%2BdbOdeWN25U2nHRVYDq5Hv6ypayVn8TDdjd8NQ9AgNWdinkg7Naota8QK%2B7Snql1ySQufP5%2F8dip0DU4YeNtvnN1LjFfUCaqefHj%2BA5cLiMNRQYewrINglzFCsvqMxk6xY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
CF-RAY: 6d9f25187b32ca5f-YUL
expires: Mon, 07 Feb 2022 19:50:03 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 63ms
35ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1386077002&t=pageview&_s=1&dl=http%3A%2F%2Fwww.levitravrd.com%2F&ul=en-us&de=UTF-8&dt=Trgool%20TV%20%7C%20Canl%C4%B1%20ma%C3%A7%20izle%2C%20Taraftarium24%2C%20Ma%C3%A7%20izle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1173706605&gjid=302104843&cid=1553507445.1644263402&tid=UA-129743549-5&_gid=726420625.1644263402&_r=1&gtm=2ou220&z=1570146708

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.levitravrd.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 19:50:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.levitravrd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 235ms
77ms Script
application/x-javascript 2a03:2880:f001:b:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.levitravrd.com
URL: http://www.levitravrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f001:b:face:b00c:0:3 Seattle, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

312768352eb8490d654f2d1d02f7ebf61b4b274b7692e3d6a299b6c2795667c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.levitravrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3t/2hpzV794fKbf0dFheEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: gf9l/LsLPl1t9mwD7s9tse/o41vS1MFVo0OGv93io1HMXJybALW+ZaKlZYCkr5dpv+R+UgyIMwiIQnjkTmvOSA==
x-fb-trip-id: 2050670934
x-fb-content-md5: dd3e6c4c59a9c7e426ef1175bd17ffbd
x-frame-options: DENY
date: Mon, 07 Feb 2022 19:50:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0fee507d5a19f9cdc3fdead629c98660"
timing-allow-origin: *
expires: Mon, 07 Feb 2022 20:08:06 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 151ms
75ms Script
application/x-javascript 2a03:2880:f001:b:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6b38708e5a301d0c35c3c75e07043e5d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f001:b:face:b00c:0:3 Seattle, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee0fe037f91c438f9f98cfd4dfae9f47e8988aed2269d85a836491dee6cac659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.levitravrd.com/
Origin: http://www.levitravrd.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: k85TiPWqjjeSL47n/OWkKQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 07 Feb 2023 19:08:04 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82044
x-fb-rlafr: 0
x-fb-debug: TzXJJ3XMENBVnrvVX2xVhRvUP030lKo/9lzq6KZuc68o0vrYdm78eJoqP1TU3bJuiymSmAfcC7mqsRiy7oLpEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4986f6a1cee95f63faf0f550422ed88e
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 19:50:02 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "799d3397f194da8523c1990bdb4cc7dc"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.levitravrd.com/	1970-01-20 18:15:35	Name: _ga Value: GA1.2.1553507445.1644263402
.levitravrd.com/	1970-01-20 00:45:49	Name: _gid Value: GA1.2.726420625.1644263402
.levitravrd.com/	1970-01-20 00:44:23	Name: _gat_gtag_UA_129743549_5 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ajax.googleapis.com
canadianonlinepharmacyrgby.com
connect.facebook.net
fonts.gstatic.com
i.hizliresim.com
i.imgur.com
stackpath.bootstrapcdn.com
t24reklam.xyz
velocitycdn.com
www.blogger.com
www.creditscorecheckn.com
www.gamexslots.com
www.generictadalafil20mg.com
www.google-analytics.com
www.googletagmanager.com
www.levitravrd.com
www.plfored.com
www.sildenofil.com
www.tadalafilexpress.com
youradexchange.com
146.75.32.193
2606:4700:20::681a:3da
2606:4700:3030::ac43:99a4
2606:4700:3030::ac43:a98c
2606:4700:3030::ac43:dc16
2606:4700:3032::6815:e87
2606:4700:3034::6815:5db8
2606:4700:3036::6815:5ba1
2606:4700:3037::6815:2fd5
2606:4700:3037::6815:3120
2606:4700:3037::6815:3e48
2606:4700:3037::ac43:9363
2606:4700::6812:acf
2607:f8b0:4006:806::2001
2607:f8b0:4006:80c::200e
2607:f8b0:4006:81e::2009
2607:f8b0:4006:823::2008
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2003
2a03:2880:f001:b:face:b00c:0:3
35.190.41.116
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fd4443ea8a65543d4c7305997fa7f99a442774d5a38e9f5aae162f067a168d6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30385444f2e3a8311bf5774fcc58a866aad84eddbf64bbcfcca45525e40b37c8
312768352eb8490d654f2d1d02f7ebf61b4b274b7692e3d6a299b6c2795667c9
314f3228df2bf5a810714bc58d112483ae3ff32b68e35f6c235d7f298cce1b85
356602629a298d4f53a99cb89afca3218cdff38090efb2fe04275b8e6040dfb9
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814
3c4c9b01cd53fa2c4e96d9b9d814a6682933bf5b98b83b7e304062d61f6fe3f5
41eca038a89407c0b40c67b7140642ab8994df016e11179016278bd7ad76564c
48e0ab0fd569039b938083f082857af58b4622dcbe6e61920cebaf7d09e739da
4be390ba764557e705bc0dd328e1b686bc9aef39e569037093975b8f2658e4c3
5e008386f2201a801835557867c1ba60a3c6c606f3a92c5792cc0903c2142307
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a5c5f105334528e0b8476b0983bef83035ae7f869ecaa8ddeb67326663dd65c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8344cefd9875d932e67eac21a6601f57f47e00f198cf6d3bf09cb974e32f510a
863e0522f767a610615e951bceaae184b4d586a603f9032dc7899f1a509ab30d
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
885cb7fbc64c680658eab2e83b97a37af98ed10e983640306be027a14e13d763
8983069f9cd89c9d4234039d1fa6d008a64c9c5a229cc7e1a49612b679541af4
912d05000bf72981793bd35136521eb67ad5358ae92c1512ae3c5a98e108e825
95726bf49ae5a40a17fe6fe62dc660f9079ab21a6293fc59be526471f3c060ab
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b31e1c4da5699c8b7432f585d46a43a5d534afe18fc46f01a1fbfbba9de51d2b
b4eed171d41cbbf254994112170ad7d3c6e09f0d6c9b90be4dcc9dcf66a5cb1c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c9cbc5047776a92b4b58e5a7e95f6e1f9f54b16407e22238652a429a157a1f8b
c9d52a6b83b6862039be6f7d5aef549c7a5338bf62f6746110cd79e90f95fd6e
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
da0853468dec93ee93784a9edfae83dad004fed3089cd489f1e4d84c72c6814b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed416dc7602740079f4fd4a83bc61a063f465ac52cb3e37414fcb27a1fa6af5e
ee0fe037f91c438f9f98cfd4dfae9f47e8988aed2269d85a836491dee6cac659
f2bad62f8f795fa6cd9e587128109934a13938fa06b9bb5d1700643854088f7e
f8687dc4e9499d7c7348ace8f698a38368c4333a833468c4042b691f966b6909

www.levitravrd.com Open in urlscan Pro 2606:4700:3037::ac43:9363 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

73 %HTTPS

90 %IPv6

21 Domains

24 Subdomains

14 IPs

1 Countries

2167 kBTransfer

2891 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.levitravrd.com Open in urlscan Pro
2606:4700:3037::ac43:9363 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

73 %
HTTPS

90 %
IPv6

21
Domains

24
Subdomains

14
IPs

1
Countries

2167 kB
Transfer

2891 kB
Size

3
Cookies

37 HTTP transactions
0 data transactions