URL: https://transfer.levelcity.xyz/
Submission: On November 21 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3037::6815:8ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is transfer.levelcity.xyz.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.
This is the only time transfer.levelcity.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
197 KB
24 levelcity.xyz
transfer.levelcity.xyz
8 MB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
31 KB
57 4
Domain Requested by
28 pagead2.googlesyndication.com transfer.levelcity.xyz
pagead2.googlesyndication.com
24 transfer.levelcity.xyz 1 redirects transfer.levelcity.xyz
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 code.jquery.com transfer.levelcity.xyz
57 5

This site contains links to these domains. Also see Links.

Domain
kantipurthemes.com
Subject Issuer Validity Valid
levelcity.xyz
WE1
2024-10-17 -
2025-01-15
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
adtrafficquality.google
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 8 frames:

Primary Page: https://transfer.levelcity.xyz/
Frame ID: 3009FE320214CB375F5C36A36AFF1573
Requests: 49 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 97A676582A4C9BB623F1F46BB736997B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732164484&plat=3%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164484752&bpp=13&bdt=105&idt=96&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6202182683064&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fsapi=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=125
Frame ID: 67B9D405623A1E3E0FD1BF6B86D0205D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164484&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164484765&bpp=1&bdt=118&idt=132&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=141
Frame ID: F10936FE1716FA77BD72CE0ACAC0C693
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.697687507~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164485&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164485073&bpp=1&bdt=426&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D1b41c586f10d0be9%3AT%3D1732164484%3ART%3D1732164484%3AS%3DAA-AfjaOEy8jBr6tsZRGEeiVl4er&prev_fmts=0x0%2C1200x280&nras=3&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: 506D3C583AD9B0D0E4648A21EB6BFB5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=1402624194&adf=1924423427&pi=t.aa~a.423021743~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164485&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164485073&bpp=2&bdt=426&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D1b41c586f10d0be9%3AT%3D1732164484%3ART%3D1732164484%3AS%3DAA-AfjaOEy8jBr6tsZRGEeiVl4er&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Frame ID: 7F128DB5CE291B76B26577E5BF4218F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164485&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164485073&bpp=1&bdt=426&idt=0&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D1b41c586f10d0be9%3AT%3D1732164484%3ART%3D1732164484%3AS%3DAA-AfjaOEy8jBr6tsZRGEeiVl4er&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Frame ID: 7DC3A794FAA9F2576AC8AE2179D8442C
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: B891B6DC5894EA3CA1257E74BC014429
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

transfer.levelcity.xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

95 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

8525 kB
Transfer

9289 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://transfer.levelcity.xyz/favicon.ico HTTP 302
  • https://transfer.levelcity.xyz/wp-includes/images/w-logo-blue-white-bg.png

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
transfer.levelcity.xyz/
90 KB
24 KB
Document
General
Full URL
https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b663b36821e190d7ed1abb57c1ec6922dc62d1c06c4bb0af50604e74653b49df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e5e0b9a3e4418bf-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 04:48:04 GMT
link
<https://transfer.levelcity.xyz/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtN7LvX2GMKT8E2DEP9nf2T4%2B3K1zszCaZ%2FPIMo3p0ulPProGhW6%2FDSdS55kOfVJGYos5jO3Rfdv2t3%2BcMcoyou0vEBoQQ5xoKnCoTkQOD%2F8X8dHRjo1lxmbOXEGwxcrATkKaHbOT5vsswcjjV04%2B321uAGC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6527&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4135&recv_bytes=4432&delivery_rate=884&cwnd=12000&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=456&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-litespeed-cache
hit
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
160 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8370016326087283
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d62980f99dd49a59dab8a5557d9a8b19f6efa0fc0b680c75f013d2dde813f787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://transfer.levelcity.xyz
Referer
https://transfer.levelcity.xyz/

Response headers

content-encoding
br
etag
5584575610997849857
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53722
x-xss-protection
0
server
cafe
4ca405ebedf5fdb8e3b5706ea634c341.css
transfer.levelcity.xyz/wp-content/fonts/
6 KB
1 KB
Stylesheet
General
Full URL
https://transfer.levelcity.xyz/wp-content/fonts/4ca405ebedf5fdb8e3b5706ea634c341.css
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0981f0d17ec07b3c22d5ac768ae99f9ff5f04dd26b67b69ca9641332df72dcbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"166c-6735ca41-418f07;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uaQloBCDkee7FZnZQJtynqVCOHQZnlIBcXJgW9gMexLF%2B%2BYhZC8CcqP5QSPcUem1Q%2BB0lPTsptyq5LkNdAulmoeooqaLDBpbqrzsl8olIDOsEnCHlI5S9Ez8qJlF0FQ9YL9pOb5gVOU0Nol0FjQpCDq%2BFNc2"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d281918bf-FRA
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6426&sent=52&recv=35&lost=0&retrans=0&sent_bytes=47793&recv_bytes=9534&delivery_rate=7731&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=806&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:00:33 GMT
vary
Accept-Encoding
server
cloudflare
style.min.css
transfer.levelcity.xyz/wp-includes/css/dist/block-library/
112 KB
17 KB
Stylesheet
General
Full URL
https://transfer.levelcity.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.7
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"1c012-6735a7a4-41555b;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YaeAoDWcKORMWf1b6klLLercQi8QNpYzjMTSqTt1eJ2hkPuXlldbjZIHf%2FJdoNIqwPd3k8EnBxfM2qyoFUgpMlLBxmQqn0qyA%2FW3KcoORrq%2BHBCRVyyWaGv%2BlL%2BsBO7%2Bar97zp2KXFD8rFjqjoJ5ZZZkpT2W"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d281a18bf-FRA
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8313&sent=57&recv=42&lost=0&retrans=0&sent_bytes=51493&recv_bytes=9835&delivery_rate=50111&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=815&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 07:32:52 GMT
vary
Accept-Encoding
server
cloudflare
blocks.css
transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/css/blocks.css?ver=6.7
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e725558adcb575480f50837d552366cb2321290b682834cba93644dd0e75b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"24e2-6735ca09-418ceb;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S42MxFqLfCQT1L%2B8r%2FUA7xbYJ6AmeX3msK9PhObTb4b5EeOFuvoOPxLze%2FFHtd9m%2ByIVstNe4z9s2iTPo79H6Jot6GnG1xCbTeJMULqQTgTaVGyENk14UjRVHKGAtCV33cgZgndED7pKEQ1CveGEq48tu1mi"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d281b18bf-FRA
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=35&recv=34&lost=0&retrans=0&sent_bytes=29685&recv_bytes=9491&delivery_rate=2178178&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=794&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
slick-theme.css
transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/css/slick-theme.css?ver=6.7
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b3e28e452d1c6755558a8b7133735ccfb9760591c1f6be7322dd0c452c94b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"c55-6735ca09-418cef;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yf03XEnMPWAQM%2FH%2B5PpLEd3y6gtuC6i5TMIwQMKIhbvRDb1MzRUAMLvqMO7Dei39z2%2F35Dt9rBCSWbcm%2F1efFC47KwyoNH0uBmJEpEUK5KaPkAJjGDw9ityyycmsDqLI9ZmEXxbpYqyu7gefvIC%2Ft4XOiSCu"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d281c18bf-FRA
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8342&sent=67&recv=43&lost=0&retrans=0&sent_bytes=63493&recv_bytes=9878&delivery_rate=54177&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=815&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
slick.css
transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/css/slick.css?ver=6.7
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"6f0-6735ca09-418cf0;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BdlYSCZ4SoRAhoGSZ3kPwBCn2a%2BoNChTt4z96Li%2FZLlNOP5NBdF%2BGdApMWbmFJMZYhi3bGmQuhhQXi3mghlHN0bbdq7pTzc5xE2aHIv3I863k9ogMD2JBiWrTo%2FQu3Bghmoiayd3POz5h3ndaYBa21sbPf9a"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d281e18bf-FRA
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6368&sent=54&recv=36&lost=0&retrans=0&sent_bytes=49019&recv_bytes=9577&delivery_rate=5882&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=810&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
style.css
transfer.levelcity.xyz/wp-content/themes/cube-blog/
57 KB
13 KB
Stylesheet
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/style.css?ver=6.7
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9f30d039dfc1089d4b5a9c840c5cf86f599c9d7643fc3826da8c52db86a67d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"e5e0-6735ca09-418d12;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktuSR%2B7T48%2BDYK9odJuKUfE78uck%2Be7Aoj%2FdJozC9EecqoM3I7Jx%2F3fArMyEXwDodkOYvgLBE7h2ABB6UK32Fsx%2BWznNL2B8FHpZpBszIk7Ns8FhfM5s1FosnD0q9QaKalz1oG9cxWfl2nEwlujOa7XY8xfO"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d281f18bf-FRA
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6426&sent=40&recv=35&lost=0&retrans=0&sent_bytes=34524&recv_bytes=9534&delivery_rate=7731&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=804&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
featured-image-1731578929-1.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
1 MB
1 MB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578929-1.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96796099bab6b693060fd20c42450337cd2569b6214a02e81e7f9342d860b666

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"1341ff-6735cc31-4193f4;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3K3pxUyvEoEXU8UF%2BfHxKJOICy3tVbqBzhGrHrlSsLsakmcmtWzHq17gEo7ixqEPH34HrT20UZBkOcVrOdfU3W%2Fm0SDPSoHYnI3RbvaoScGC1HHGsrrWEDS4cbEgSDgiSFvIgE1mqrB%2FMTvObCOM3yCUIQLy"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7465&sent=124&recv=77&lost=0&retrans=0&sent_bytes=122871&recv_bytes=14090&delivery_rate=179196&cwnd=34800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1051&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:08:49 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d282118bf-FRA
accept-ranges
bytes
content-length
1262079
server
cloudflare
featured-image-1731578910-1.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
2 MB
2 MB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578910-1.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d276196108be79b6c90cc21bb8cae52e3900dd5f2e8d1153843e5e20af6be9f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"192958-6735cc1e-4193d2;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67pLBGQwkqQTU6PqL7CymjR%2BfJqevNTdrhXO%2FL4mWgjyLcbFZbAVKlqQanFhGUS1sZ%2FN1ReJG3CVPLTKUORnPSIVRGsjfqolyI6rbcYzC%2BR0nEG8RlO90%2BKuLu1e0W27jBMTcpVetEG%2FlxXOFNS%2BpRpyv0RB"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7465&sent=151&recv=77&lost=0&retrans=0&sent_bytes=154726&recv_bytes=14090&delivery_rate=179196&cwnd=34800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1053&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:08:30 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d282218bf-FRA
accept-ranges
bytes
content-length
1648984
server
cloudflare
featured-image-1731578887-1.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
1 MB
1 MB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578887-1.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7e80659e2b25683a0e952eda781f400de7b25a6dd9b212aaf96f8311b76b62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"150e37-6735cc07-4193b8;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Byk%2FQMZVBBQ5JQGD1ihsTkabutl5TRqnViP9fLw6FfwYw5l9Zx%2BOPZLRa4W7rtMFj7uQkVsLI0uuAgMbedEkSrfUdWqfGFlohy7Oosl15g11jKXvL1L4PLKRhnUHOBd9xSi%2BC%2FbFoKBMfY1hjdLIs3aR0W7R"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7660&sent=97&recv=71&lost=0&retrans=0&sent_bytes=91013&recv_bytes=13825&delivery_rate=276704&cwnd=34800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1037&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:08:07 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d282318bf-FRA
accept-ranges
bytes
content-length
1379895
server
cloudflare
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
2146811
x-cache
HIT, HIT
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
8, 837768
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230109-FRA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732164485.685942,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
slick.js
transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/
87 KB
17 KB
Script
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/slick.js?ver=2017417
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d673c6a5c22109dec56f96b5698f5a4eceaec4c721ebc32b78e437871a26cbb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"15c5b-6735ca09-418cfa;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsUuDPwI1zI76TPy%2FTphVDUjFSr4lz5hgQgAC0Ke5hTFf74hXtfU4rmi%2BigfsNczGaQFngQGYpBDjtB94zqAoZAZ9vd88D2pLUAx1QKSDF4lV8jA30dkFKQeMxongngpwgKQA8fy4fsLx4bsM1glLh84gIy6"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d282418bf-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8342&sent=74&recv=43&lost=0&retrans=0&sent_bytes=71027&recv_bytes=9878&delivery_rate=54177&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=816&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
skip-link-focus-fix.js
transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/
716 B
1 KB
Script
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"2cc-6735ca09-418cf9;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBEewgFsCNymaVbmWBVZFdlOxMYqAaTdXhL%2BnScOLjtRlPdBH8pwA8Qb%2FPUxqrHFDUbtd7Dt8Tayaor7xMznZ2%2Fu%2BR6oryRmmSj9sQ5gW2wKTHBlXkDsF1ow5vTSa7LYLkLGW7kqUfsXuGx%2FpsnyCrpQkvZT"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d282518bf-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8313&sent=56&recv=42&lost=0&retrans=0&sent_bytes=50366&recv_bytes=9835&delivery_rate=50111&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=812&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
navigation.js
transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/
4 KB
2 KB
Script
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/navigation.js?ver=1.0
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9b229590dbd80a133d2be442d85c28a79f4905094bde2f55ee72873445b6a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"e76-6735ca09-418cf8;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yBh%2Bs0mJCbLos%2BPInDYLmFvRU6VQoNyio%2BMZ2gRUaZ6%2BfEcFzsQ3Le4oxR7azRlsNUV%2F3w9yvWYG9NqKZaE%2FbuSRILLWqQGd8Qc%2BEUb4wMCk9cKEwYKj9Ei2NSwAeuQ6N2lWokPQK8OqlLURF7g6VAyBKHy"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d282618bf-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7733&sent=92&recv=62&lost=0&retrans=0&sent_bytes=88960&recv_bytes=10711&delivery_rate=3441470&cwnd=34800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=835&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
custom.js
transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/
3 KB
2 KB
Script
General
Full URL
https://transfer.levelcity.xyz/wp-content/themes/cube-blog/assets/js/custom.js?ver=20151215
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea149c3555eba392640309c0959b2d4a13d85b5ae447d5e06a1320353c3cd5aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"cf3-6735ca09-418cf5;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GBePA%2F6EhiKeQH6EGaee%2BL2TyhvEmqTcbyt0JIZgK0ATGMaryCneOlpl5r0OjKdrrB%2BBNLYe%2BTCHmm83t%2FCTUfqaS1a1t3b8m5bIr7kfhQPrEpcsK9Kk3MErs9fVY0aAMu8K%2FsXj2AhAIEqfWWVDx%2F3YEr5"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0b9d282718bf-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6426&sent=38&recv=35&lost=0&retrans=0&sent_bytes=32721&recv_bytes=9534&delivery_rate=7731&cwnd=22800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=801&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 09:59:37 GMT
vary
Accept-Encoding
server
cloudflare
f39935ef-fa36-469a-825e-673b142de4c1
https://transfer.levelcity.xyz/ Frame
0
0

show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8370016326087283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86cccba7bbc5b224fdd6ecffd78cc29d16531eb82651587caf405a2f516d9982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

content-encoding
br
etag
16648912489518321352
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 04:48:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 21 Nov 2024 04:48:04 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147668
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1047726828869073&num=0&dvc=0&eid=42533202%2C31088727%2C95344787
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/ Frame 97A6
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfer.levelcity.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
33998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 19:21:26 GMT
etag
17661348622971093804
expires
Wed, 04 Dec 2024 19:21:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 67B9
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732164484&plat=3%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164484752&bpp=13&bdt=105&idt=96&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6202182683064&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fsapi=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfer.levelcity.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
5516
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 04:48:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame F109
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164484&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164484765&bpp=1&bdt=118&idt=132&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfer.levelcity.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
300
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 04:48:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
92zatBhPNqw73oTd4g.woff2
transfer.levelcity.xyz/wp-content/fonts/jost/
26 KB
27 KB
Font
General
Full URL
https://transfer.levelcity.xyz/wp-content/fonts/jost/92zatBhPNqw73oTd4g.woff2
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/wp-content/fonts/4ca405ebedf5fdb8e3b5706ea634c341.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7726a5cd6f3c0e876c028ea2a643d45f7aad4b0f164b70966c669f4a4668f4b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://transfer.levelcity.xyz
Referer
https://transfer.levelcity.xyz/wp-content/fonts/4ca405ebedf5fdb8e3b5706ea634c341.css

Response headers

cf-cache-status
MISS
etag
"67d0-6735ca41-114f43;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atO4Sdlqo9c6N0cp4maGLR7HCMQ5YGvn8%2Fw1oAwRAdUgxFV%2B9icCRMW5DxqEAISdPuF3fZgwZQzc%2FUq6Zx8GhJv20GaeHVe00NWwF7PFaabdMvXei1JZteTIl8nmlV1QKHFglaYw3xx9d5ZC%2FzxQArmgj%2BEI"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6729&sent=1062&recv=176&lost=0&retrans=0&sent_bytes=1231537&recv_bytes=18573&delivery_rate=11195385&cwnd=136800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1289&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
font/woff2
last-modified
Thu, 14 Nov 2024 10:00:33 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9f896818bf-FRA
accept-ranges
bytes
content-length
26576
server
cloudflare
featured-image-1731578865-1-768x768.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
686 KB
687 KB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578865-1-768x768.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d20aefff326ab28ca79cc8f49f0d9eb129fdade4ac05a2ff57210614e2ac791b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"ab7ba-6735cbf4-419399;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rc4fUGk6wq1lldZVOCIrZLZ%2FWES8D%2BA%2FOzblD8LMhOe81tN5twa4JPhbvZNTOnN%2BphkPkiktyaxvpLD4GHdHd7gWAs6eF0QAusRSNJI4jA9zzYhCzrMUYJ02KpAi9RdOVBvg3RXe9%2B%2BPBPjd2k6D8mDttDIx"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6812&sent=3007&recv=370&lost=81&retrans=81&sent_bytes=3526664&recv_bytes=27462&delivery_rate=15788829&cwnd=148575&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1433&x=1", cfHdrFlush;dur=2
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:07:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9f997418bf-FRA
accept-ranges
bytes
content-length
702394
server
cloudflare
featured-image-1731578847-1-768x768.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
594 KB
595 KB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578847-1-768x768.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cae5476fe8a77667130fd942554889471048b6029d4cf1652c02627c560657d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"949ab-6735cbe2-41937e;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AfrN%2BgU1mBusoXA1hLIrJhd8HbJAlxgcINr3KeetKlMBgmQ%2FeFX2YmnXZthuy4Fom8UiY5E3LvOxRYPT2u7sA%2BmzEJn7kE%2FJegNv87LSYtmDwcN%2FAKSupM5kkDl8aLdGttHImKNMfvTu6KErJVWGj%2B6pDhWB"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6871&sent=3389&recv=410&lost=81&retrans=81&sent_bytes=3969739&recv_bytes=29299&delivery_rate=19577098&cwnd=150975&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1454&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:07:30 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9f997518bf-FRA
accept-ranges
bytes
content-length
608683
server
cloudflare
featured-image-1731578824-1-768x768.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
756 KB
757 KB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578824-1-768x768.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d5413e7ed48ee2e03ebac6eeddd1158c7aa551de684a7b539cdde78eb6a056

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"bce92-6735cbca-41934c;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPmLIuwssMJjv5%2Bz2%2BLINqwqqF2ZW%2BYqn1nEG%2BuKgLqXPGkin73qTKDoz46oeML6jT%2BeymCZaGBYhLcjNRtOeVRCZtq0DP0ivlZYcSWgaQXa%2FiAEGIZCnSOpJC1b88TxpsNmkamusUl365Yfb1blWNWYg%2FLO"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6756&sent=3167&recv=386&lost=81&retrans=81&sent_bytes=3710797&recv_bytes=28213&delivery_rate=21321852&cwnd=149775&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1443&x=1", cfHdrFlush;dur=1
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:07:06 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9f997618bf-FRA
accept-ranges
bytes
content-length
773778
server
cloudflare
featured-image-1731578802-1-768x768.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
557 KB
558 KB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578802-1-768x768.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c328f85bc5974d7a652e4bb1bdd8e43e4cc3f4e5fb80a7da954fc4f78141f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"8b36f-6735cbb7-419331;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=becQPM3h4dZYeXhG%2B5of9zsLtK5OxdlT16Sh%2BVJ%2BjzWLlDz9LZ6zRfL72KcMYGqmBNddm9U1M0o9660RY1hd6FZ%2F2sZ8QNJL8PRQG7YNDBQ%2By2T9%2FjBwG24Cno%2FMJscRfbq4b84t3fIoZIzToYlpWcDtNowO"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6812&sent=3007&recv=370&lost=81&retrans=81&sent_bytes=3526664&recv_bytes=27462&delivery_rate=15788829&cwnd=148575&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1434&x=1", cfHdrFlush;dur=1
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:06:47 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9f997718bf-FRA
accept-ranges
bytes
content-length
570223
server
cloudflare
featured-image-1731578781-1-768x768.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
688 KB
689 KB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578781-1-768x768.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b72fd6e68ad454e3908cea8d6f0d7ac24eb62aae06d5a8df8544b1541e75322

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"ac0fa-6735cb9f-419311;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ATmNE9Vy3FJbXKBezR%2FYYRn7RlGn3E%2FOW1kp1ewedW54NN3nb9F%2BARgQTFN%2F1Qtb0IEZmI4i22MR6mPoHixX3ixtnpeKdkLAl81fVSIm%2BWknOUHzcygi5T%2BttnuzqTzwVnp3goO4kgQOutx%2F8aujPa47o0g"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7313&sent=3261&recv=397&lost=81&retrans=81&sent_bytes=3821007&recv_bytes=28713&delivery_rate=18027387&cwnd=149775&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1447&x=1", cfHdrFlush;dur=1
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:06:23 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9f997818bf-FRA
accept-ranges
bytes
content-length
704762
server
cloudflare
featured-image-1731578760-1-768x768.png
transfer.levelcity.xyz/wp-content/uploads/2024/11/
679 KB
680 KB
Image
General
Full URL
https://transfer.levelcity.xyz/wp-content/uploads/2024/11/featured-image-1731578760-1-768x768.png
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
522b0a0e42ac018089fbeb9c9e9f61d2236c2b5eb7d656041866e2073a6d787e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"a9c42-6735cb8b-4192f1;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TU3%2BktrIqAxNxiiDvcYJDHeZ0mUbS5pRJFaIWYDkg%2Fa3FtxatIEV6Zcqofc3GYiBU8j8t676Bn9gT7%2BAD5xxaYOxdNPKK6vI4hHCJ9vFuKZbulZn5EmQDc9uu9WD9%2BJcb6mf1VACzG6eBY56egN51OmPiCyZ"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7854&sent=2911&recv=363&lost=6&retrans=6&sent_bytes=3412826&recv_bytes=27125&delivery_rate=15739833&cwnd=212250&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1429&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 10:06:03 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0b9f997a18bf-FRA
accept-ranges
bytes
content-length
695362
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=0&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=1&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=2&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=3&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=4&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=5&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=6&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2500837364381391&num=7&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=51575274664568&num=0&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=51575274664568&num=1&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=51575274664568&num=2&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=51575274664568&num=3&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=51575274664568&num=4&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4319168080486956&num=0&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4319168080486956&num=1&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4319168080486956&num=2&dvc=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
pagead2.googlesyndication.com/pagead/ Frame 506D
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.697687507~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164485&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164485073&bpp=1&bdt=426&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D1b41c586f10d0be9%3AT%3D1732164484%3ART%3D1732164484%3AS%3DAA-AfjaOEy8jBr6tsZRGEeiVl4er&prev_fmts=0x0%2C1200x280&nras=3&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfer.levelcity.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 04:48:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 7F12
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=1402624194&adf=1924423427&pi=t.aa~a.423021743~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164485&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164485073&bpp=2&bdt=426&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D1b41c586f10d0be9%3AT%3D1732164484%3ART%3D1732164484%3AS%3DAA-AfjaOEy8jBr6tsZRGEeiVl4er&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfer.levelcity.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 04:48:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 7DC3
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8370016326087283&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732164485&rafmt=1&to=qs&pwprc=5495804223&format=1200x280&url=https%3A%2F%2Ftransfer.levelcity.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732164485073&bpp=1&bdt=426&idt=0&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D1b41c586f10d0be9%3AT%3D1732164484%3ART%3D1732164484%3AS%3DAA-AfjaOEy8jBr6tsZRGEeiVl4er&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6202182683064&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&oid=2&pvsid=129817076680958&tmod=2092026218&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfer.levelcity.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 04:48:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-8370016326087283&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20241117_093500&sat=1731937173616&afm=0%2C1&as_count=0&d_count=0&ng_count=0&am_count=4&atf_count=1&mdns=0&alldns=0.226&allp=13&fd=(0%2C13%2C8)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=4953&abl=false&rr=n&su=transfer.levelcity.xyz&pvc=129817076680958&r=0.1&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42533202%2C31088727%2C95344787%2C95345967%2C95347756&hl=en&pvc=129817076680958
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 04:48:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
wp-emoji-release.min.js
transfer.levelcity.xyz/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://transfer.levelcity.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by
Host: transfer.levelcity.xyz
URL: https://transfer.levelcity.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"4926-6735a7a4-414911;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBkVyKKIKc6LUko0aTuaiGF0eq%2BuBKYQD%2Fy53qBDM80%2FyITTXoNRvGaKg1ialxqbL4uLmYuFaOKa%2BDtXp%2FGNsGo%2BlZeN6RvA9b4Uha9qMe%2F%2FrmPx2Ml7qnQ9jhJp32yrw3P7B985xaO5y5bJIQ6b%2BGG%2BDYie"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5e0ba019bc18bf-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10733&sent=943&recv=157&lost=0&retrans=0&sent_bytes=1091376&recv_bytes=17710&delivery_rate=9131812&cwnd=136800&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=1276&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:05 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 07:32:52 GMT
vary
Accept-Encoding
server
cloudflare
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://transfer.levelcity.xyz/

Response headers

sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba2278f9831805a7f7dc3b5447c5142a1f8f3161db27145bf0bdbb040bb6d2f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12866
date
Thu, 21 Nov 2024 04:48:06 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
w-logo-blue-white-bg.png
transfer.levelcity.xyz/wp-includes/images/
Redirect Chain
  • https://transfer.levelcity.xyz/favicon.ico
  • https://transfer.levelcity.xyz/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB
Other
General
Full URL
https://transfer.levelcity.xyz/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
2606:4700:3037::6815:8ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

cf-cache-status
MISS
etag
"1017-6735a7a4-415009;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6n5846Pq%2FiutxvZ7MgWRjdqTwOAGGrdF7C1sWpD4D7Jkv8PrVUg35c8cYm9bwfg0tRKfH%2FkXka2J%2F%2FeH%2BbwejiM%2FHyWgA2SN%2BgagyxxZja7i0U7dwr6nVwlD5uIbfDMVXqsc7UrhB8r8P%2Btode9s2mn7bkeo"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 04:48:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6339&sent=7494&recv=866&lost=95&retrans=95&sent_bytes=8784046&recv_bytes=50782&delivery_rate=674&cwnd=158175&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=3613&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:07 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 07:32:52 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5e0baeb9cc18bf-FRA
accept-ranges
bytes
content-length
4119
server
cloudflare

Redirect headers

x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
ad6_HTTP.200,ad6_HTTP.302,ad6_default,ad6_URL.b54ff2eddcb0060bcd786ce388d8d4d7,ad6_
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mw7KrwVifraE%2B4it%2FP8hhoSR8r11hnUY71%2BWmDYsl7bff%2BNxeKB%2FvsS1K8wigg1tnw7DV2JrpkZZIowOzGDizS6M8hjmKozagGbl%2FbN8lEIBPezBURON8BrjFkccVlLHAEsm%2B33NIoGI2BoKpAc%2FyV8zyxKm"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6365&sent=7492&recv=864&lost=95&retrans=95&sent_bytes=8783122&recv_bytes=50292&delivery_rate=23272882&cwnd=158175&unsent_bytes=0&cid=422bb9f3da1bd22b&ts=3285&x=1", cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 04:48:07 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-redirect-by
WordPress
link
<https://transfer.levelcity.xyz/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://transfer.levelcity.xyz/wp-includes/images/w-logo-blue-white-bg.png
cf-ray
8e5e0ba6dd4218bf-FRA
x-litespeed-cache
miss
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8370016326087283&plah=transfer.levelcity.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://transfer.levelcity.xyz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 04:48:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 04:48:06 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame B891
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfer.levelcity.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 03:58:53 GMT
expires
Thu, 21 Nov 2024 04:48:53 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
transfer.levelcity.xyz
URL
blob:https://transfer.levelcity.xyz/f39935ef-fa36-469a-825e-673b142de4c1
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=129817076680958&bg=!iYqlisXNAAaIaF9IqGg7ADQBe5WfOBWeZZ5miBLx190NLYFkEssT5L7otdgAN5wqwlCbkuRais3QODJeTrUCE13OPha4AgAAAFJSAAAAAmgBB34ANtbFJxvbaGqlcyIJEufNvs_bqWpDph3_TtTjAKfE-VsctiiC6So6NzFognvAwqoLi-WuBjgm6ZkCowjZTkqFW2ikPMSw7Ao63fhgLU_A_BHuLQ8qzA6W1tPRBrGRVSI7bnOITxRiwj3n3UkcxoTAFNi8We24DM-eVYp6qEBUkBUJPDGftohSaUvpbEDk0RuMXmCvqwZDczEtZ0_-xbfipEC96O288E2345rl42_dupO_-dLKXGMSULslbjsQMAM-e7OnfcaaQ3TYs5f_dfcLNwY1rA-t3dcZiZmTU3MJKU-U5wrbKSnyLdnW422rOe7WSmXDZOJogTtGpc07gSzQsoO3oqxA9suFgIjsCmFU0UdtrfxH8yeb9oQWJZijQ7n4F9OlfGcJcc8a198VvjeLMVYCgasRAqG0sHFWBUAcxSfKbXSO57B-LLaZkTiCCaVBOiUy9VKml9kV1My3IAv_KyC7PMZr3vPPlha6br-ciba7d0X0INFZcwW-5j0D7jhrmq2tonhArPMNLnwTARtgoH2JmzkOKFqDKCdmAFMZykL8nSQCWQlIU4BtCnA-EJscc_8c5djNr_WOhrTcRtqOhTCD_wypXukyAGMSV9tDtRfPryVY7Q8yWi0htyBgcj3B6MHCYxs6ZYJocQIb8T8arpbX_4QIcU__0Yw9m7Gq6bQZfcjr56SQatW8PLSNSvEuR5nANrbP8VJeLQAUqSpgmDhkN9FVGEQPLE5ljmWf2V_yXA3NeqewuQhogbEzcnT3qERM6otvN5frDRHeBh_Gn7p_1ptOpTlreLSHHYTm0KxlwnkhYdiBEiB59El1Xy-dQw4f3b587XM-GlUZj6gZgVsXbrlfCMbZ9JhGGo5AAq4nfi-1Rp8LPgZgX-Jww1x-gZtVN-zLfDW_1Qvlcoa8oOU8EinD4b3LK_j4dOcqOMWHR5vUrApxHQVPEqD5SlOUFqkQT_wDnt8XtedWVQ

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state object| google_image_requests function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googTempStyleOverrideInfo object| googNavStack function| $ function| jQuery object| cube_blog_l10n object| twemoji object| wp object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
.levelcity.xyz/ Name: __eoi
Value: ID=1b41c586f10d0be9:T=1732164484:RT=1732164484:S=AA-AfjaOEy8jBr6tsZRGEeiVl4er

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
transfer.levelcity.xyz
ep1.adtrafficquality.google
transfer.levelcity.xyz
2606:4700:3037::6815:8ad
2a00:1450:4001:812::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a04:4e42:200::649
03e725558adcb575480f50837d552366cb2321290b682834cba93644dd0e75b5
0981f0d17ec07b3c22d5ac768ae99f9ff5f04dd26b67b69ca9641332df72dcbf
0b9b229590dbd80a133d2be442d85c28a79f4905094bde2f55ee72873445b6a0
3b72fd6e68ad454e3908cea8d6f0d7ac24eb62aae06d5a8df8544b1541e75322
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3f7e80659e2b25683a0e952eda781f400de7b25a6dd9b212aaf96f8311b76b62
49b3e28e452d1c6755558a8b7133735ccfb9760591c1f6be7322dd0c452c94b0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
522b0a0e42ac018089fbeb9c9e9f61d2236c2b5eb7d656041866e2073a6d787e
5cae5476fe8a77667130fd942554889471048b6029d4cf1652c02627c560657d
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
7726a5cd6f3c0e876c028ea2a643d45f7aad4b0f164b70966c669f4a4668f4b9
86cccba7bbc5b224fdd6ecffd78cc29d16531eb82651587caf405a2f516d9982
93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97
96796099bab6b693060fd20c42450337cd2569b6214a02e81e7f9342d860b666
b663b36821e190d7ed1abb57c1ec6922dc62d1c06c4bb0af50604e74653b49df
ba2278f9831805a7f7dc3b5447c5142a1f8f3161db27145bf0bdbb040bb6d2f3
d20aefff326ab28ca79cc8f49f0d9eb129fdade4ac05a2ff57210614e2ac791b
d276196108be79b6c90cc21bb8cae52e3900dd5f2e8d1153843e5e20af6be9f6
d2d5413e7ed48ee2e03ebac6eeddd1158c7aa551de684a7b539cdde78eb6a056
d62980f99dd49a59dab8a5557d9a8b19f6efa0fc0b680c75f013d2dde813f787
d673c6a5c22109dec56f96b5698f5a4eceaec4c721ebc32b78e437871a26cbb1
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea149c3555eba392640309c0959b2d4a13d85b5ae447d5e06a1320353c3cd5aa
ef9f30d039dfc1089d4b5a9c840c5cf86f599c9d7643fc3826da8c52db86a67d
f3c328f85bc5974d7a652e4bb1bdd8e43e4cc3f4e5fb80a7da954fc4f78141f4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99