levitrares.com Open in urlscan Pro
34.110.138.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://levitrares.com/
Effective URL:
https://levitrares.com/
Submission: On August 31 via manual (August 31st 2022, 2:40:04 pm UTC) from PK — Scanned from DE

Summary HTTP 107 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 107 HTTP transactions. The main IP is 34.110.138.177, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is levitrares.com. The Cisco Umbrella rank of the primary domain is 771477.
TLS certificate: Issued by R3 on August 4th 2022. Valid for: 3 months.

This is the only time levitrares.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	34.110.138.177 34.110.138.177	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
17	2606:4700:303... 2606:4700:3031::ac43:8776	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e0:... 2606:4700:e0::ac40:6a09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
4	192.99.8.28 192.99.8.28	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
107	21

13 34.110.138.177 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 177.138.110.34.bc.googleusercontent.com

levitrares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.maskoding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3031::ac43:8776 (United States)

ASN13335 (CLOUDFLARENET, US)

hargadepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6a09 (United States)

ASN13335 (CLOUDFLARENET, US)

nodejs-2e7.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

a.levitrares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

calumnylightlyspider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

odong.eduzone.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.99.8.28 (Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	357 KB
20	levitrares.com 1 redirects levitrares.com — Cisco Umbrella Rank: 771477 a.levitrares.com	218 KB
17	hargadepo.com hargadepo.com	1 MB
9	gstatic.com fonts.gstatic.com www.gstatic.com	130 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	72 KB
6	histats.com s10.histats.com — Cisco Umbrella Rank: 18276 s4.histats.com — Cisco Umbrella Rank: 15820	11 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
3	eduzone.my.id odong.eduzone.my.id	53 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	88 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3463	363 B
2	calumnylightlyspider.com calumnylightlyspider.com
2	google.de adservice.google.de — Cisco Umbrella Rank: 9270	914 B
1	maskoding.com ads.maskoding.com	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	72 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	644 B
1	pages.dev nodejs-2e7.pages.dev	1 KB
0	Failed function sub() { [native code] }. Failed
107	18

	Domain	Requested by
17	hargadepo.com	levitrares.com hargadepo.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	levitrares.com	1 redirects levitrares.com
9	pagead2.googlesyndication.com	levitrares.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	a.levitrares.com	nodejs-2e7.pages.dev
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	levitrares.com fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	s4.histats.com	s10.histats.com
4	www.google.com	1 redirects levitrares.com tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	odong.eduzone.my.id	a.levitrares.com levitrares.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	calumnylightlyspider.com	levitrares.com
2	s10.histats.com	levitrares.com s10.histats.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	ads.maskoding.com	a.levitrares.com
1	www.googletagmanager.com	levitrares.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	nodejs-2e7.pages.dev	levitrares.com
0	a.levitrares.comback-button.js Failed	nodejs-2e7.pages.dev
107	23

This site contains links to these domains. Also see Links.

Domain
t.co

Subject Issuer	Validity	Valid
levitrares.com R3	`2022-08-04` - `2022-11-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.nodejs-2e7.pages.dev E1	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
a.levitrares.com R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
histats.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
calumnylightlyspider.com R3	`2022-07-03` - `2022-10-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
ads.maskoding.com R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
odong.eduzone.my.id R3	`2022-08-03` - `2022-11-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://levitrares.com/
Frame ID: 0B03E06C7698AF11579628DFE7C68671
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: FA02873B58628A4B4BB611013274F64E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&adk=1812271804&adf=3025194257&lmt=1661956797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flevitrares.com%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661956797166&bpp=9&bdt=367&idt=186&shv=r20220829&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6780957671790&frm=20&pv=2&ga_vid=762529065.1661956797&ga_sid=1661956797&ga_hid=1524983091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31069250%2C44772922&oid=2&pvsid=635269597083374&tmod=89183124&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: CD9556C388D2EBFEBEE3E517057241ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1661956797&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661956797175&bpp=4&bdt=376&idt=206&shv=r20220829&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6780957671790&frm=20&pv=1&ga_vid=762529065.1661956797&ga_sid=1661956797&ga_hid=1524983091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31069250%2C44772922&oid=2&pvsid=635269597083374&tmod=89183124&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tzyB16IqwH&p=https%3A//levitrares.com&dtd=214
Frame ID: BAC007A4FC758CFBACC18AAE09E36DB3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1
Frame ID: 98305D5F344EDFD6DC4DECFB88EFA427
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C8F28A898CC8E7C5595EC537CB53302A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BF56C36693404CE5B10229D6FDCE1A92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Frame ID: 6B77DB4C506979FFCB926E2893E595A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7093D695182AB409426C1B1BC30846C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C4A1CAE811E1261EDFF3F216296ED10
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HargaDepo - Daftar Harga Di Depo Bangunan

Page URL History Show full URLs

http://levitrares.com/ HTTP 308
https://levitrares.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

Page Statistics

107
Requests

96 %
HTTPS

80 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

2460 kB
Transfer

3880 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.co/1N8JEjuhql

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://levitrares.com/ HTTP 308
https://levitrares.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

107 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
levitrares.com/
Redirect Chain

http://levitrares.com/
https://levitrares.com/

45 KB
8 KB

6172ms
6023ms

Document
text/html

34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://levitrares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.138.110.34.bc.googleusercontent.com
Software: /
Resource Hash: f097b0225fe610d9cf60811335f0ef1bb4409db641c0851a6e5c99e580ffd971

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 14:39:49 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker

Redirect headers

Content-Length: 59
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Aug 2022 14:39:43 GMT
Location: https://levitrares.com/
Replit-Cluster: hacker
Via: 1.1 google

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 147ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e760854d9366cc138dd013bc6c00c7fb1ae9d74fdbc05d21d17f4a2b1af0a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51636
x-xss-protection: 0
server: cafe
etag: 2656074429234686982
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 14:39:49 GMT

GET
H2 200 style.min.css
hargadepo.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 109ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3893
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Jul 2022 00:27:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62ce1175-15b64"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNfFh3h%2FmvmE4%2B%2BRnS5nhSdcz1NoD5J6QyUJc%2B3wlR85TPvjAJb3szcPGFU%2ByX48VTzy86f%2B5%2Bu%2F7paTay0NvHawWold%2Bj3Uc4AQo4BOoS92adUdC3u%2FH1QI4IZfU0Z%2BgqjT66XtBiTNJ9c%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a5bbbe9-FRA
expires: Thu, 31 Aug 2023 13:34:56 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
hargadepo.com/wp-includes/js/mediaelement/ 11 KB
3 KB 104ms
29ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82392
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Dec 2020 16:36:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fd24e9c-2bf8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEv5qP%2Fo9sfwipcthhjLvM8fJn6wSNVMK7JR%2FkM%2FE%2Fd3J9PlUVbhTH228x9lsRkAd6oMzWunMV9AzfSDf1G9vidQdCNhWvgdwE%2FH4%2BsdekcaIag68Iz8hhdK5C7habHdi1b1xk5lDVNgRIac"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a5cbbe9-FRA
expires: Wed, 30 Aug 2023 15:46:37 GMT

GET
H2 200 wp-mediaelement.min.css
hargadepo.com/wp-includes/js/mediaelement/ 4 KB
1 KB 106ms
32ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3893
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Dec 2019 04:31:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5deb2b14-105a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99mjk0c2MAsJ8MRDGEoEUNaQYeWcFKStKk1UySysb7fJ7GxAxUgTlXldZ3v4bYc7A%2BpHDXgMXmy4x8HCipyGKAzB5guEtc2t0FdrXhQRljI3bFIOAmSuGRxFrse%2Fo%2FDIfgsk6v2WPKsmrijJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a5dbbe9-FRA
expires: Thu, 31 Aug 2023 13:34:56 GMT

GET
H2 200 styles.css
hargadepo.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 111ms
37ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3893
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Aug 2022 05:37:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6305b8fc-aab"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sih6xRwoIYOs5to57Yy17T%2BMU3sE0awsItK9IIYdA9V3zWe8%2BonoXG9yhOMD6E9%2B0fExjAgo40aB5ItHzrX1SPzPVyeqmXeQ3KK8McqYqA%2FfOmCZBh9Sgx4DZDkWSmFmXFytUgFxsT5V2Mhm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a5fbbe9-FRA
expires: Thu, 31 Aug 2023 13:34:56 GMT

GET
H2 200 todo-widget.css
hargadepo.com/wp-content/plugins/dashboard-to-do-list/public/assets/ 1 KB
1 KB 112ms
38ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-content/plugins/dashboard-to-do-list/public/assets/todo-widget.css?ver=1.2.0

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8118a6ea4212c3668430a1af26add843ecd7f0a238ce2014d90909cc66b21093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82392
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Oct 2020 08:23:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f992a8b-46e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch%2BBVUnXEKHbP606VFF8nZgSMLWITCdLtb0kAmtYhTLOMWffeeZKUHsDhYE%2F%2B3aj6logpo3VZvfnKFc5l5gSgMxuhGbtBxZ40qIPETQ5r2c7umH1M4hYmb%2B0bE%2B7KbUX1nZPWscR9LzmRncv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a60bbe9-FRA
expires: Wed, 30 Aug 2023 15:46:37 GMT

GET
H2 200 widget-options.css
hargadepo.com/wp-content/plugins/widget-options/assets/css/ 1 KB
603 B 124ms
50ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-content/plugins/widget-options/assets/css/widget-options.css

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3893
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Mar 2022 17:41:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6220fdca-416"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WnYltv3%2BxT%2BfRyQdLCWbKxGMjc%2FJysWj4tPwObepWPI6QnlRzmKVrc4%2Fc06f5S5fDknwGzTxAEquKfmxcGlIMIhTPNCFlwoo2KE4wSA6qjArbS3OuP8syPQsh2Hncg7bFDID3Qyqxt7iLQy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a61bbe9-FRA
expires: Thu, 31 Aug 2023 13:34:56 GMT

GET
H2 200 css
levitrares.com/host-https-fonts.googleapis.com/ 990 B
1 KB 636ms
636ms Stylesheet
text/css 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://levitrares.com/host-https-fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Requested by: Host: levitrares.com
URL: https://levitrares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.138.110.34.bc.googleusercontent.com
Software: /
Resource Hash: 065ea5dc22496e49af5e1eaec97826adeab5bd2efbd69be3c0fff5f6826c675e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
cache-control: private, max-age=86400
replit-cluster: hacker
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type: text/css; charset=utf-8

GET
H2 200 style.css
hargadepo.com/wp-content/themes/mudra/ 46 KB
11 KB 106ms
33ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-content/themes/mudra/style.css?ver=1.3

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7cefc114dc01ba0aa512a33782150637475395b8afaced5145ecedac353af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82392
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Oct 2020 08:27:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f992b62-b8f1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NC4cWPT3OaIUuSC3YD6ZuJvRBdeue50fSkFUtdNcEUITn%2FWvxeSJY2jw%2FnXMesJR%2FuP6k8ToYUGoUFJyiFsD3B6DfV7bi4DfufjjcfYGf0fyn%2Bd7qXWrNrulBVJL0fwrzbVdhUZ2tY4YWnv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a6abbe9-FRA
expires: Wed, 30 Aug 2023 15:46:38 GMT

GET
H2 200 font-awesome.min.css
hargadepo.com/wp-content/themes/mudra/assets/css/ 30 KB
7 KB 103ms
30ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-content/themes/mudra/assets/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82392
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Oct 2020 08:27:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f992b62-7918"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMRQttUPe79jG70zZ7%2F8wCTPAf332PUCKX%2FBqP4wvceo7T4Fb4xkSt7L62RJQhH%2BcPh%2BQN402wygmjtyAFBA3TQbl%2FreQBlTjIyR6t4S%2FJeEUO9DHkMvgU%2FTpum91aR5g7vdZn1VbcqMptye"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a6bbbe9-FRA
expires: Wed, 30 Aug 2023 15:46:38 GMT

GET
H2 200 public.css
hargadepo.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
780 B 108ms
35ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f81af49b9e273ea507982f870dabfa439eb2f9845a7f2cacdb473631aa10de18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82392
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 01:26:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61035561-43a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6NBCW6Ao6Vb7lTTtxBDCyWiHiUfmPlTf%2B%2Fopb3iISy3HbdPnsDkOj0mMYILU74CCFqaL9%2BKubWTwTic8xD5PB8lMylnAr%2FlWcX%2BdxkXyaMrt2zi92HBXJZdPiRtd0CUo7VrTJfXxjDrWY91"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a62bbe9-FRA
expires: Wed, 30 Aug 2023 15:46:38 GMT

GET
H2 200 jetpack.css
hargadepo.com/wp-content/plugins/jetpack/css/ 84 KB
17 KB 111ms
39ms Stylesheet
text/css 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hargadepo.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82392
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Aug 2022 03:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62eb4226-14eba"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2v%2B67kR0cXEDKK7cKk4X5jWC3ISSR84U2zowGdghI7wxM3wnOIMOp7shaZ76fBMy5s7LqZ%2B%2BCwofS7KFpK%2BbAaf6uOzr4NnWohrCaKCyMUocmJ05qE8K4ulFpg%2FMcguVjz1qR40Qi31LTHkQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 743684911a64bbe9-FRA
expires: Wed, 30 Aug 2023 15:46:38 GMT

GET
H2 200 app.js Show response
nodejs-2e7.pages.dev/ 1 KB
1 KB 112ms
45ms Script
application/javascript 2606:4700:e0::ac40:6a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nodejs-2e7.pages.dev/app.js

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b121c96898449bc5491418331102250943130cfaa0ba2dbb00b70cb6d3b1fda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:49 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c7718879d665db12918d8e70b498bd8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVI6KlTDdufNMDiFe4%2BxClz0%2BQF6s8K4tpesg7Pj8x%2F%2Bf9D3AGKE0HODUkQqfby1xgft3aqLzVq9fIZl3rhbjUq0PRtBOs5nHaHgI9y27ht8p7%2BZC8v7hvuDd6DJa4tOcC8%2Bae0f3J2SgoJV362L5fNv%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 743684910bc78ffb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options: nosniff

GET
H2 200 inject.js Show response
levitrares.com/assets/ 10 KB
10 KB 455ms
454ms Script
application/javascript 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://levitrares.com/assets/inject.js
Requested by: Host: levitrares.com
URL: https://levitrares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.138.110.34.bc.googleusercontent.com
Software: /
Resource Hash: 619d55d392e0262b83bf1d5a30f1068733ed49d167ade1310c944cb5e6a0421a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
replit-cluster: hacker
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type: application/javascript

GET fontawesome-webfont.woff2
hargadepo.com/wp-content/themes/mudra/assets/fonts/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ 343 KB
121 KB 90ms
73ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com&bust=31069250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

296b4b2d9b6795531fdfac83b14aed57bf951b23f1d47441aec8de57f9b7b71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123678
x-xss-protection: 0
server: cafe
etag: 5322069918978226654
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 14:39:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame FA02 10 KB
5 KB 36ms
12ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levitrares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 11:27:18 GMT
etag: 8616628553774171045
expires: Wed, 14 Sep 2022 11:27:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
644 B 41ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=levitrares.com&callback=_gfp_s_&client=ca-pub-9887368211019467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com&bust=31069250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15a111f76d24379ceaa3ce64ec466243185fd92626a3f8f86b5392b6a629611f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 120ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=levitrares.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 62ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=levitrares.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flevitrares.com%2F&tn=A&cls=back-to-top&ign=true&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 14:39:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD95 136 KB
33 KB 284ms
263ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&adk=1812271804&adf=3025194257&lmt=1661956797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flevitrares.com%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661956797166&bpp=9&bdt=367&idt=186&shv=r20220829&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6780957671790&frm=20&pv=2&ga_vid=762529065.1661956797&ga_sid=1661956797&ga_hid=1524983091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31069250%2C44772922&oid=2&pvsid=635269597083374&tmod=89183124&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6168c05ec69fef27e8540e68131c36d7c12a0d5bbc99f7a831b5b06fedab374e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levitrares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:39:50 GMT
expires: Wed, 31 Aug 2022 14:39:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAC0 83 KB
29 KB 377ms
366ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1661956797&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661956797175&bpp=4&bdt=376&idt=206&shv=r20220829&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6780957671790&frm=20&pv=1&ga_vid=762529065.1661956797&ga_sid=1661956797&ga_hid=1524983091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31069250%2C44772922&oid=2&pvsid=635269597083374&tmod=89183124&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tzyB16IqwH&p=https%3A//levitrares.com&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

959bededca11122a899abbce442e78d9f5410ada412ffd788e1cbe7056f45701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levitrares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29865
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:39:50 GMT
expires: Wed, 31 Aug 2022 14:39:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 43 KB
28 KB 47ms
18ms Font
font/ttf 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf

Requested by

Host: levitrares.com
URL: https://levitrares.com/host-https-fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f21f888c15e38433d68956a83c5f0f83aad6ed3768cf03c10402eb06ef206ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levitrares.com/
Origin: https://levitrares.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 06:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 06:49:04 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 43 KB
27 KB 36ms
10ms Font
font/ttf 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf

Requested by

Host: levitrares.com
URL: https://levitrares.com/host-https-fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9d39c03d322319f16ebe0a5c6edc98d74a1461b2c1f0e9efee61fc73777d9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levitrares.com/
Origin: https://levitrares.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27380
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:03:12 GMT

GET
H3 200 Cara-Menghitung-Berat-Besi-Beton.png
hargadepo.com/wp-content/uploads/2017/07/ 352 KB
352 KB 986ms
969ms Image
image/png 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hargadepo.com/wp-content/uploads/2017/07/Cara-Menghitung-Berat-Besi-Beton.png

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8844c1122f04668ccf736bf2024b2f067dbf6f52c7e5912ebd4b2d10fe13c3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Jul 2017 03:38:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"596053a1-57e51"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnZM8wb%2B7XaO4O3ZNSthsDFin1JIc07g71R5wOjODOsnDR5XK0f1JwlDmjhy5Xqu33Z89%2Bn%2FHJmQ9UPsasIbPJrJ7sXlYKiiTFxIggpZcNER1gcXrAsclm%2FAlhZz0TuBrXVpLfCEVhWVZNJf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 74368494de535b74-FRA
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H3 200 Harga-Beton-Cor-Terbaru.png
hargadepo.com/wp-content/uploads/2017/07/ 447 KB
448 KB 971ms
956ms Image
image/png 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hargadepo.com/wp-content/uploads/2017/07/Harga-Beton-Cor-Terbaru.png

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e0511b4f7c9bd214faec34044198e116971bd2f4bff025013fea5743bfeafcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Jul 2017 04:34:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"596060e7-6fbe7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vdLsKIV%2FgF7kZU8EhyO09gYvObYvEH31ciAwK3X3sXxg68EA%2BC43IfIl%2FslIYsg7D4JE3JZVwYe%2FacNm2QghjLj89s4yh3oKT%2FcJYtIuqgQXA3kVAHV18LC2l008tfO53wO6kXgW32EVvlt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 74368494de525b74-FRA
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H3 200 Harga-Borongan-Rumah-Per-m2-Di-Jakarta.png
hargadepo.com/wp-content/uploads/2017/07/ 456 KB
457 KB 974ms
959ms Image
image/png 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hargadepo.com/wp-content/uploads/2017/07/Harga-Borongan-Rumah-Per-m2-Di-Jakarta.png

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e745cb882282dd9b39f3f065db4bce0a2d145bcccd2a30d3ed36e8119a816203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Jul 2017 05:23:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"59606c39-72182"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IUNK1WpW5POzbtNt0ZAJwj7PNcB9Wx5i%2BAPSwaXIQF1N2WR6fOaDuEhCBwBDkNdXTkoeSOvlK6C8jI8Lw6JUhaCfMQoAtIO62zZq0Ctqs7pNichl7ElFCo2HEPWRJp%2BD9UO%2BrWnfUg7DzQy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 74368494de505b74-FRA
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H3 200 Kawat-Las-Harga.jpg
hargadepo.com/wp-content/uploads/2017/07/ 53 KB
54 KB 957ms
942ms Image
image/jpeg 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hargadepo.com/wp-content/uploads/2017/07/Kawat-Las-Harga.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9812f5669f5e5afa4dc48e50d50eff5af0310b7ce7cc4ccfea0c4989f9c5a9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 15:35:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"59639ebc-d4d2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PP2ktn1KqaRKDc0DHDfvoRZwr6l9GKIIn%2BZQxbowoMR7t6vOvE3HXmN7mCabd5u1A%2B1vHc8EcqurDEeFaUd46EGThI8LvWXRKOWTajH6AyBQsUI6uQxxbxrbwlCFtUyvqAMAsjPsP9dfRcqV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 74368494de4c5b74-FRA
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H3 200 Pasang-AC.jpg
hargadepo.com/wp-content/uploads/2017/07/ 25 KB
26 KB 849ms
835ms Image
image/jpeg 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hargadepo.com/wp-content/uploads/2017/07/Pasang-AC.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d85376e8ae607236a463a14dc4a003aac1326e7b6fbf1c294c86404f7d0f5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 15:52:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5963a2ba-6594"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzoUKotsCmZe4pu%2BPT%2F%2ForQKxweLjMdl8n%2F8Va8CaobMTyHs9iANnPZA5ezod4nl6IYoT22KeSmpq1kKxmwIC2seIDVVi91rik3sri3nVm6J9a3SKoo7bBwn1BC4y1Pn2cLbnGQ%2Bk7f0GMCd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 74368494de4a5b74-FRA
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H2 200 Cara-Menghitung-Berat-Besi-Beton-150x150.png
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/ 57 KB
57 KB 2118ms
2108ms Image
image/png 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/Cara-Menghitung-Berat-Besi-Beton-150x150.png

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

494b75ba5483e93b0842e4977c2e0b642377fc857d3e2e54d58073599a4bc83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Jul 2017 03:38:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"596053a2-e370"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kls9mxnx5wetfr%2Fz3s3Lw6J9GpwcFyPizvcvD7G9lyY19cUBIHgHUlcJMaR5%2BDV8POa%2F6kuwVmvkCbYH0ohNYFAcg2byRxWds8YHOyuMFkH0CwcaqCtRWszf96cgXrOE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
cf-ray: 743684a15e96efe9-EWR
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H2 200 Harga-Beton-Cor-Terbaru-150x150.png
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/ 55 KB
56 KB 844ms
834ms Image
image/png 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/Harga-Beton-Cor-Terbaru-150x150.png

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

0610d2c01db70605caabb09d411f5cb387248f08391f8dfcd3c39a938213961f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93713
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Jul 2017 04:34:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"596060e7-ddaf"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjlNIFiOqVSOG3K8hXUO0yagtt19OHtjlGtl7cJ5M2kPGB3b1cQ8ifMlYuEEPouf1nSEISMnKNefeMdaaAYaKeHBVRJYhOOSj5PauxN1aFMtA76fSQUMvKjaKnOOaJ%2Bu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
cf-ray: 743684996f748280-IAD
expires: Wed, 30 Aug 2023 12:37:58 GMT

GET
H2 200 Harga-Borongan-Rumah-Per-m2-Di-Jakarta-150x150.png
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/ 39 KB
40 KB 917ms
907ms Image
image/png 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/Harga-Borongan-Rumah-Per-m2-Di-Jakarta-150x150.png

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

fa9328070a3b0ebd83b9a05b1ee8366604c8fcbb811f8620a0ae01c55ac1425d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33041
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Jul 2017 05:23:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"59606c39-9cdc"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIttITrdNUAcD8YLpUbWrB4k429YwgHxC%2BicZ8fsBEpR9g8VI%2BEBOch5xejoW69sgjYtm0h35%2BHFKl3Y4wJCOuPJ%2FPUbcSJfDTkwgLJwUYiqa2UXKo35l26DPTbclGxO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
cf-ray: 743684999dc757c4-IAD
expires: Thu, 31 Aug 2023 05:29:10 GMT

GET
H2 200 Kawat-Las-Harga-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/ 7 KB
8 KB 834ms
825ms Image
image/jpeg 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/Kawat-Las-Harga-150x150.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

fee05a99733042de2773d5173d61db911e0b37ede6832a763daa5aed10ca552e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136413
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 15:35:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"59639ebd-1d56"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAsMLDrjrG9kzz4LphdXNyjPd4nTSPBTWhfL8%2Fla2%2FCRgzB9zW772YqkzC3vLz5RhD7PnrfgbUsF032IQvLcYHSeN5sL7IHdeMkMIY7qjNjg9HXXRzcg4rdrTnUP1rEk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 743684996b2681a3-IAD
expires: Wed, 30 Aug 2023 00:46:18 GMT

GET
H2 200 Pasang-AC-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/ 6 KB
6 KB 864ms
854ms Image
image/jpeg 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/Pasang-AC-150x150.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

a6b1c77e4e4093b79bfb4e31f8fdf1068cd9391ed0dea9e91ac6dd789b9447da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136412
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 15:52:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5963a2ba-17df"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Frc8yOFNn%2Bf5v81eiOq7XZMafnflei53Mg6ftSBlrDAVBq9ybmxXhK%2FfavYY5eQF5VubQAdmal4%2FfP9wkJqiupp4%2Fh7oAT39%2BPKK%2BVrD5gIImLxEH2hRA0v87MUtasIz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 743684998d0c57e8-IAD
expires: Wed, 30 Aug 2023 00:46:19 GMT

GET
H2 200 Cat-Genteng-Terbaik-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/ 6 KB
6 KB 862ms
853ms Image
image/jpeg 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/Cat-Genteng-Terbaik-150x150.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

b6a322fd6227764713e81671066c420fa54721799cf84585469fa0eac7a5c413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33039
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 16:21:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5963a97d-1696"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRYkvRMUlSMsjGf19DEzACL1MyUJtUrOCfT1hVFvoTOv37yefs4nCEZ8sx4m9sH0HoJU%2B%2FVd5ZAfmIKU8ABauLwWe5IBGbgOUYm7rNwROEr3PG21vpoFE40gM7QBJCld"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 743684997cfc9c73-IAD
expires: Thu, 31 Aug 2023 05:29:12 GMT

GET
H2 200 Homogenous-Tile-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/ 6 KB
7 KB 1886ms
1878ms Image
image/jpeg 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/07/Homogenous-Tile-150x150.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

89d417b63b667b55687b466e193f13bd5c54e5024e5a6cd4dcd647671cc71509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136413
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 16:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5963a722-18a1"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT2fgKm0p9ImP0MPaImRz8rjcH%2ByfqIvTJTPKgfFNvVIJSJVI8xjiuhQr7sXWaW7uvpn%2BdQTPjMBGngHNqHf2LS8vuNTGLX1KZe3YaVyaWjkvs3r86JBlHWZzJQQZrG7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 7436849f3a9b7fd5-IAD
expires: Wed, 30 Aug 2023 00:46:19 GMT

GET
H2 200 Wiremesh-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/04/ 10 KB
10 KB 1056ms
1048ms Image
image/jpeg 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/04/Wiremesh-150x150.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.110.34.bc.googleusercontent.com

Software

cloudflare /

Resource Hash

fe5dc8ae42af52c00644c22448de067563ffcd3b0a96839a55651c90d1cc903c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23486
strict-transport-security: max-age=31536000; includeSubDomains; preload
replit-cluster: hacker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Apr 2017 04:04:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"58f984ba-2660"
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXsmxzbO%2FDN8NDGI3eMYQvrg5i765L%2Bip0kSUI3mV6efFEyXQdswSSN7ZGsa67t5QhXroxo7o5kJ94r2zxQLG%2F9G7p%2BeCU3LjPUPK6JEwPvGf0WvP5ymsbeftL72pMVo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
cf-ray: 743684995c577007-IAD
expires: Thu, 31 Aug 2023 08:08:25 GMT

GET /
a.levitrares.comback-button.js/ 0
0

GET
H2 200 inject.js Show response
a.levitrares.com/ 14 KB
4 KB 56ms
18ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/inject.js

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b93fc787eade336325fa28901f3bc44ec897524d84b9cf39472d015c3ac1995

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3547
cf-polished: origSize=13847
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"6410160bb54bc3cfef446015e9d32325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYzM8PyWOy8g49vFwdtwMgOXRzCgO2niw2m2jGo2zjPfIAJlV3lQ9sYmv4C5T7%2F7Fs11BJNXbeGo3KwVFrvpgwhAVWeKPEq5CqKoeFaBb%2B7wBi8nnV16Mqq5vIilXLCLsFi0koOv%2BoFu91xuSqWz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 743684950acc9bbf-FRA

GET
H2 200 country.js Show response
a.levitrares.com/ 22 B
347 B 85ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/country.js?hash=8uACX5TmdIHa

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87eb8f1ab22351834096dcb08c6ea4e3312e63f225451f22612c52338733de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fb9c03b5dbc120283c167909dbb17c2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8FezthzNWKKytSc9fx9LSJB6I5fIp6JzMjzABJ4%2FM0o2dO1WJ8rB7zyP2WHIHUXhgU08fIW%2FqOAqi30dWgFMdp5IGFPx7X0ZWLKHvpcMZ%2BqRjgt9kfmkLU6nH%2FmYoh4mCK1e0Tou2a%2B7L0mJ2FJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 743684950ad09bbf-FRA

GET
H2 200 ping.js Show response
a.levitrares.com/ 1 KB
641 B 60ms
22ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/ping.js

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

757f54c716b23d480dd35f78d86068c85b99d45a1957427689013e22ade3029e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3547
cf-polished: origSize=1098
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"7ad9a07dc9e6eaa72c7112c1f524662c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufvaAPkoaSF6kM5kFOvT4wzWZYJTvMR8pt7WK1Ki%2FyiBI7qHYLWdSMI%2B%2BH4usKFqgQlc9qWAGSfepCPtq0dNOFOD6chWVSvMU4PqV93UApG5VzDsiof0CCrvqcGz7FLel70dt9Ber79%2BUjG7n8G0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 743684950ad19bbf-FRA

GET
H2 200 analytic.js Show response
a.levitrares.com/ 398 B
907 B 53ms
15ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/analytic.js

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99d41d739aeed78876867db37d6383f1cb9fc75c37b0bc086fe4bb51927c365

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3547
cf-polished: origSize=434
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"4b45253570a3d937544ae8a0aeddffa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxNj8Cn3QjGWwIK9F25YMwS9xZqHsBysSZGp6iYci91m0gtmlO9RJlO099hCsxU2GlGs5kYNGaRqM0w7vrI2gEntgpgFwP9%2BXgVVyvkz%2FqrAwONwIZjbL%2BNqxhmX1klqox32XuGWxjadyO33TW56"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 743684950ad39bbf-FRA

GET
H2 200 costom-botton-shoope.js Show response
a.levitrares.com/ 326 B
531 B 53ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/costom-botton-shoope.js

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b568549921b3add333905d117b2b843d51ffb5a94ce7b3a8b5c18bd419a1d08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6205
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"7d9f5478632007b416b605c70ced8555"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wjT9TCn9tafoMBzJm6AJlNZdg6XlKZJN4rlvZ7%2BuboP%2Fazx3S%2Fl8RJ9f%2BL%2BwIIt3ir5r5zoMq%2BsCkkHx2bJmBDFpm0Pe4vcDN712%2BlC3Y5csStc%2Fx20YUEkqlLl89rLc%2BsmngsbyboMVrUD2kJv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 743684950ad49bbf-FRA

GET
H2 200 anti-adblock.js Show response
a.levitrares.com/ 303 B
504 B 56ms
20ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/anti-adblock.js

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645b7c70edb7cf696c165eda3fda4ab274fcd108ee98e33453992b51003aa972

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6205
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"f38c37432b090b636b93bd4958ff7958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVUV%2FGVu%2Fi7bmToZil5vhIMsM52ry8TppA%2BD0HSzTq7vi9%2BeifNCglhcYILHJfeMR%2BJdArMujaKpmb4m7B5tZ0JHwPhv4IVtACHewbGrcZm94ClOSveeM%2BKq1d9Gl0KOMxKodfjhJK0A0pq6854a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 743684950ad59bbf-FRA

GET
H3 200 disable-costom-button-back.js Show response
a.levitrares.com/ 376 B
820 B 39ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/disable-costom-button-back.js

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68076ca6b0fd444012ce3a63197141733a2351e2310353b5029a4ddc0f1ef9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"d427b34941bfcf21c219ecba88bc49bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pZCHHCEXoNfFBdambg5oFXuKC%2FEX64gUU%2Be9npxJFN8E4pSSzAWdAiryCxcnlAZWq38PxfmR3K56zX%2B7Si%2BywsNxLwpe3pbzhCQzCfeOA3J3vCGK%2Bw9I9aASiErcjBxJHS%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 743684954a979a18-FRA

GET
H3 200 banner.js Show response
a.levitrares.com/ 2 KB
1 KB 39ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.levitrares.com/banner.js

Requested by

Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571f0718f7c7625ee0c521a70f8d60f0a5ba592af9e1704ef27dcbaaf946850b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4134
cf-polished: origSize=3345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"c6faffcf66d32e749c6c145f20e9aff1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYYLHLNQVHK%2BGW1zGH8Oi%2FsBhnM%2BpnLHqaTCK0Jul3wYxWxKBLxXUUDWhcAo%2BNupA6ryTEdWCXMS7K9hrcwW7vI%2FTKY3wxEkvphqrEulDbyB61RxWvx%2BKBpg4K7bjSEjbmIAyGlBhplml%2Bkq5byp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 743684954a989a18-FRA

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 111ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: levitrares.com
URL: https://levitrares.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:31:39 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 883917873

GET
H/1.1 403
Forbidden 725b09a97d8c22957d89c9d08a8e182b.js
calumnylightlyspider.com/72/5b/09/ 0
0 455ms
100ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://calumnylightlyspider.com/72/5b/09/725b09a97d8c22957d89c9d08a8e182b.js
Requested by: Host: levitrares.com
URL: https://levitrares.com/assets/inject.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:39:50 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden 6353cd5fdad8d14e5a34c65cc3d8a4ca.js
calumnylightlyspider.com/63/53/cd/ 0
0 451ms
102ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://calumnylightlyspider.com/63/53/cd/6353cd5fdad8d14e5a34c65cc3d8a4ca.js
Requested by: Host: levitrares.com
URL: https://levitrares.com/assets/inject.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:39:50 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 51ms
25ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y8NS3XF3SB

Requested by

Host: levitrares.com
URL: https://levitrares.com/assets/inject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

821d7c6d3a0197f6eb3a336d1231f17d1bb0ceec39a13544831b2d76fdc7711d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73029
x-xss-protection: 0
expires: Wed, 31 Aug 2022 14:39:50 GMT

GET
H2 200 ads.js Show response
ads.maskoding.com/ 67 B
254 B 323ms
177ms Script
text/javascript 34.110.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.maskoding.com/ads.js
Requested by: Host: a.levitrares.com
URL: https://a.levitrares.com/anti-adblock.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.138.110.34.bc.googleusercontent.com
Software: /
Resource Hash: 51928336069eb971297269f1409e689b13134f2bb945a96993007832572e9868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 31 Aug 2022 14:39:50 GMT
replit-cluster: hacker
content-length: 67
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type: text/javascript; charset=utf-8

GET
H2 200 ping
www.google.com/ 0
0 49ms
22ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ping?sitemap=https://levitrares.com/host-https-brainly.co.id/sitemap.xml
Requested by: Host: levitrares.com
URL: https://levitrares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 ping
www.google.com/ 0
0 95ms
68ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ping?sitemap=https://www.levitrares.app/host-https-brainly.co.id/sitemap.xml
Requested by: Host: levitrares.com
URL: https://levitrares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 52ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y8NS3XF3SB&gtm=2oe8t0&_p=1524983091&cid=762529065.1661956797&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1661956797&sct=1&seg=0&dl=https%3A%2F%2Flevitrares.com%2F&dt=HargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y8NS3XF3SB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 14:39:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://levitrares.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sweetalert2.min.js Show response
odong.eduzone.my.id/ 43 KB
14 KB 182ms
9ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odong.eduzone.my.id/sweetalert2.min.js
Requested by: Host: a.levitrares.com
URL: https://a.levitrares.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: a562e74fa9fc556c7d765a6a82f80af5053ea80d0691c27771f773404bfe6f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-fastly-request-id: 4a1acc93bca38fcd107a9e2526136aca79407750
date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
age: 139
x-cache: HIT
content-length: 14333
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Sat, 25 Jun 2022 10:44:35 GMT
server: GitHub.com
x-github-request-id: 20B4:5150:370FF9:3B04EA:62FDB6B2
x-timer: S1661956791.828222,VS0,VE2
etag: W/"62b6e713-aa5f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 18 Aug 2022 03:59:06 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 320ms
95ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4459743&@f16&@g1&@h1&@i1&@j1661956797630&@k0&@l1&@mHargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-68054684&@b3:1661956798&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flevitrares.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: f739680d60242a74f17ccfbc631dfdb684ef76b11cebefec10b53fcdca296132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:39:50 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_511.js Show response
s10.histats.com/counters/ 15 KB
6 KB 14ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_511.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:30:30 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "1364484781"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 5984
x-request-id: 715524103

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 318ms
93ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4459743&@f16&@g1&@h1&@i1&@j1661956797630&@k0&@l1&@mHargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:143625685&@b3:1661956798&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flevitrares.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: f739680d60242a74f17ccfbc631dfdb684ef76b11cebefec10b53fcdca296132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:39:50 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 315ms
94ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4459743&@f16&@g0&@h2&@i1&@j1661956797657&@k27&@l2&@mHargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-153846247&@b3:1661956798&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flevitrares.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: f739680d60242a74f17ccfbc631dfdb684ef76b11cebefec10b53fcdca296132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:39:50 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 324ms
97ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4459743&@f16&@g0&@h2&@i1&@j1661956797657&@k27&@l2&@mHargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-53949489&@b3:1661956798&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flevitrares.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: f739680d60242a74f17ccfbc631dfdb684ef76b11cebefec10b53fcdca296132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:39:50 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ 149 KB
53 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/reactive_library_fy2021.js?bust=31069250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f2fdb8b3457f7e99445bc79a07948ef8e31deda89b426a5684aa4c0c5775a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54500
x-xss-protection: 0
server: cafe
etag: 6480376548414441208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 14:39:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
19ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=levitrares.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=levitrares.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/ Frame 9830 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levitrares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 23:34:36 GMT
etag: 8616628553774171045
expires: Tue, 13 Sep 2022 23:34:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BAC0 6 KB
1 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1661956797&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661956797175&bpp=4&bdt=376&idt=206&shv=r20220829&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6780957671790&frm=20&pv=1&ga_vid=762529065.1661956797&ga_sid=1661956797&ga_hid=1524983091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31069250%2C44772922&oid=2&pvsid=635269597083374&tmod=89183124&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tzyB16IqwH&p=https%3A//levitrares.com&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 14:00:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 14:39:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 14:39:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame BAC0 2 KB
983 B 56ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 14:30:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame BAC0 23 KB
10 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 14:34:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame BAC0 3 KB
1 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 13:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 13:54:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame BAC0 17 KB
8 KB 51ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 14:21:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BAC0 141 KB
44 KB 44ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 14:39:50 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame BAC0 33 KB
14 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BAC0 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbwwDtnIPY_KbHIq57AOdzpeoCLa8vv9b2sf1up4KwI23ARABIJ62vzdglYKAgJAHoAGc8sfqA8gBCakCqL7JkNuBsz6oAwHIA8sEqgT4AU_QDT1uyvvJK13YSpqDqsODV2qvTNiOJCCGoNTmQ8ezTU0D--F_opCIbv2XdqWbaaLpGES5Sc51uRzQT8iZIDWF27Cv3Cai_Y1kdYNCBB9hGn0EM3z2EDu9ny6RjslVqssOSnky8jbAToQ1PU4paEQK6MlBW50MC4yKWDzkAEv87LhIo5MidEQGHMMsWmlqqlBV9MvCK64XuyfU23f6JAEA--QLzZ3uOP2tGn0pUa7-B7UVXuI5hhr1yDpq81Gio_263tDpOnySJzUvbop315TZ4WS1JqgpDxr6tdqEy2ZF0GNI-o4vJeqI0Jib9ODSmDprmkeiLrnJwATOt6yGmQKSBQQIBBgBkgUECAUYBKAGLoAHzI24FagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEIB_0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQJ0BUBmBYBgBcBshccChoIABIUcHViLTk4ODczNjgyMTEwMTk0NjcYAA&sigh=I7XdJbdd2xI&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1661956797&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661956797175&bpp=4&bdt=376&idt=206&shv=r20220829&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6780957671790&frm=20&pv=1&ga_vid=762529065.1661956797&ga_sid=1661956797&ga_hid=1524983091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31069250%2C44772922&oid=2&pvsid=635269597083374&tmod=89183124&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tzyB16IqwH&p=https%3A//levitrares.com&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 31 Aug 2022 14:39:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 31 Aug 2022 14:39:50 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/5154815653305459718/ Frame BAC0 31 KB
31 KB 39ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5154815653305459718/2728354180183721846?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aae4c698d40f4d24bcadced1b964bd061201644cf45ea1a65b140f0724d3376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:26:24 GMT
x-content-type-options: nosniff
age: 360806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31734
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 17:15:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Aug 2023 10:26:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9830 4 KB
709 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 14:04:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 14:39:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 14:39:50 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9830 205 B
518 B 13ms
9ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:18:39 GMT
x-content-type-options: nosniff
age: 1271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 31 Aug 2023 14:18:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9830 604 B
695 B 13ms
10ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:44:12 GMT
x-content-type-options: nosniff
age: 10538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 31 Aug 2023 11:44:12 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/ Frame 9830 19 KB
8 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 13:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8311
x-xss-protection: 0
server: cafe
etag: 13410161823615325117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 13:39:58 GMT

GET
H2 200 sweetalert2.min.css
odong.eduzone.my.id/ 24 KB
4 KB 21ms
14ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odong.eduzone.my.id/sweetalert2.min.css
Requested by: Host: a.levitrares.com
URL: https://a.levitrares.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: be2d081c45968c7f97fb9226c95ea48ff7c1305cd24f3e2e3e5523461453b834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-fastly-request-id: afe27de37263068ab8e47c39b1456716e69ce88e
date: Wed, 31 Aug 2022 14:39:50 GMT
content-encoding: gzip
age: 139
x-cache: HIT
content-length: 4359
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Sat, 25 Jun 2022 10:44:35 GMT
server: GitHub.com
x-github-request-id: E806:3864:C3E6F7:D30A5A:630D1540
x-timer: S1661956791.869820,VS0,VE3
etag: W/"62b6e713-5fe8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Mon, 29 Aug 2022 19:46:32 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 7.7MegaElektronikSale.jpg
odong.eduzone.my.id/ 34 KB
34 KB 105ms
105ms Image
image/jpeg 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odong.eduzone.my.id/7.7MegaElektronikSale.jpg
Requested by: Host: levitrares.com
URL: https://levitrares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 9ad054ecc06be62a99c5b8f6da6e8dc1258bbc5362a9263e1411687e42011569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-fastly-request-id: 939387486a97ea965d781710b7b8cb51d3db9818
date: Wed, 31 Aug 2022 14:39:50 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
x-cache-hits: 1
content-length: 34894
x-served-by: cache-hhn4020-HHN
last-modified: Sat, 25 Jun 2022 10:44:35 GMT
server: GitHub.com
x-github-request-id: 561C:1138F:1A53E:61206:630C376C
x-timer: S1661956791.878287,VS0,VE96
etag: "62b6e713-884e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Mon, 29 Aug 2022 04:00:04 GMT

GET
H3 200 Cat-Genteng-Terbaik.jpg
hargadepo.com/wp-content/uploads/2017/07/ 33 KB
34 KB 803ms
802ms Image
image/jpeg 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hargadepo.com/wp-content/uploads/2017/07/Cat-Genteng-Terbaik.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f92780c6483f1983730d224bba612797f5ce8b604ee47d8efba4d93fc6a9ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 16:21:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5963a97d-8401"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMB9qecb9IvlAOTDnBR0hD2Vu5%2Fs4Cter8Wbbemm8u2cVXZsSxceozLs%2BK%2FKxF045w8XR%2B0CJz%2FmrCdP4U3I2mc5D0PwJ4sAJu64YPgMJBxayEfJjuON1DFX8ldX3J0gc%2BaWqEvIYFT1vtsT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 7436849748a95b74-FRA
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H3 200 Homogenous-Tile.jpg
hargadepo.com/wp-content/uploads/2017/07/ 27 KB
27 KB 833ms
832ms Image
image/jpeg 2606:4700:3031::ac43:8776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hargadepo.com/wp-content/uploads/2017/07/Homogenous-Tile.jpg

Requested by

Host: levitrares.com
URL: https://levitrares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f8e12e4e9026a91d781abc9200243f114c0205039afa819bbe90deee8e3e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jul 2017 16:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5963a722-6bb0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF8mtUAgAUEfUatsMhmqQ98vuNy%2Br0EXcLxu6U%2BC4geE9gqNLdGHmbIFROE%2BkdOQM2U5mDDjvQVvsucfv2omoNIO5pDeBRYvbAynfYtwQbJuXa58zuCWIBDzpcSYnO%2BIzjEIEdNLqNFC0AzI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 7436849748ac5b74-FRA
expires: Thu, 31 Aug 2023 14:39:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C8F2 8 KB
893 B 42ms
25ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 14:04:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 14:39:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 14:39:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame C8F2 2 KB
902 B 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 14:25:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame C8F2 23 KB
9 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 14:34:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame C8F2 3 KB
1 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 13:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 13:55:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame C8F2 17 KB
7 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 14:02:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8F2 141 KB
44 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 14:39:51 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame C8F2 33 KB
13 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
DATA 200
OK truncated
/ Frame BAC0 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57f08252e75f1adbc232e7a361572c6ceb3a65fe52b8f69efeff3e6ebc8b4e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAC0 15 KB
16 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 292210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:29:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAC0 15 KB
15 KB 32ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 183154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 11:47:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAC0 15 KB
15 KB 24ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 542280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 08:01:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF56 143 B
163 B 11ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 14:11:24 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET fontawesome-webfont.woff
hargadepo.com/wp-content/themes/mudra/assets/fonts/ 0
0

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B77 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF56
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:39:51 GMT
expires: Wed, 31 Aug 2022 14:39:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:39:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET fontawesome-webfont.ttf
hargadepo.com/wp-content/themes/mudra/assets/fonts/ 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 74ms
56ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87d9cd5374c00bd260dae086aa5b37d9101fdabe45894d1155a023e6ec0cbbef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 14:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11214
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 14:39:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7093 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levitrares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 13:40:21 GMT
expires: Thu, 31 Aug 2023 13:40:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7C4A 783 B
535 B 32ms
31ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3184acf13a2c0bd458d1817209343ef18c34ff3f517001566019ee841b61e515

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VXcAQYlvq_hBVg_ZgyU2JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://levitrares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-VXcAQYlvq_hBVg_ZgyU2JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:39:53 GMT
expires: Wed, 31 Aug 2022 14:39:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame 7093 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7C4A 0
0 42ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=635269597083374&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7093 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Dzpv_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:39:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220829&jk=635269597083374&bg=!XF-lXxvNAAaXrHhMt6w7ACkAdvg8Wq2RXfxZlvLQYsIsu3CYqAkASOCbD5RKuE2wzqjzcPfkTspoEAIAAAByUgAAAARoAQcKACEeab-P9judNYxXlTvIX_GPR12MSZXll_Ou8tNkx2BNZQ6ZAprDrMM1qgnM6og9lixPumxkq4SCxZCf19GA98A_32SJfBwax3B3OKgqYxAbHnhDtgDSYjbRCNP4hiQzjaJLfoG1PFo4u8Nihof6ZQ2ZFF6l4G32IlIcHym3xPSfM9bhlAdwXNsNEloNOkP2UMlpacBV2WqrpG87KBDAIPIlHlfEFfpvUukGtq2fRA3KOL-cigT1iSaY54fPj69cqjb8kRwsRw-YISTY8wGpEe-sQNdOq7C34LEi1KEN3ZMdA6wZygJ016iFSCmluTscMGXmqSZ9HJPyT0-4dwJqumndVuEJgBgldJF7vekop7PoL86gsi2rFC9TPZ_FxqDYjdpLy_tw6-WL4w8N59wXneB2k9hfvGhdEo_vgUloo5KKrQg7GIb6Eg6s35wNnU04t-LnT5Z17MgidNSfsCYfnBBnHtsxVz9OmffmGJlTRN3LYjxWcjlxHtX3S9dthMjVsFJd_PhVuC1bJNvh3TCmR-lsVL14nPaIrggxZ6cT2548E1grdCzf-qlTVjnh_4fmbzqXeIcUcDw-04AhLITTmc8Vzbh_pC_so5HdWjw3SzxBZvxM9PTGwS6TvBQBIq_IAUXKkSvISFRhNJrgOsuKWoc4N4d-KLIRKWeaJCRGYPsXjyBEHG9mvZXBDsPDowV4_g5MdZUPHjeGWZin4sMcj6lmtmWPhtEpCdTmGLxri-yLGTOo4oO7p5-MKwMW6y9EtqXxWavqwhmhrqoP8lrwI3tRRrvJLvAjyLYhWpL7UTbxEJkLHxLckPp-BLk_JdCJogPgwm7rFRinCR5a7IeiwgFQv_d-LUzUHQxrkh2PB5JHUwTBTUAoovOBfl4JQmttGvUO9AlUWbiYZICCt4haCBFzroUgvUkj2pLZMS2Li5I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 239ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y8NS3XF3SB&gtm=2oe8t0&_p=1524983091&cid=762529065.1661956797&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1661956797&sct=1&seg=0&dl=https%3A%2F%2Flevitrares.com%2F&dt=HargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&en=scroll&epn.percent_scrolled=90&_et=482
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y8NS3XF3SB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://levitrares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 14:39:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://levitrares.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hargadepo.com
URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: a.levitrares.comback-button.js
URL: https://a.levitrares.comback-button.js/

Domain: hargadepo.com
URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: hargadepo.com
URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.levitrares.com/	1970-01-20 15:00:52	Name: __gads Value: ID=ed970f3253541a19-2285fc1b0cce0036:T=1661956790:RT=1661956790:S=ALNI_Max9UYnM2dcghf5mecoUDkQ_Rj7Pw
.levitrares.com/	1970-01-20 15:15:16	Name: _ga Value: GA1.1.762529065.1661956797
levitrares.com/	1970-01-20 14:24:52	Name: HstCfa4459743 Value: 1661956797630
levitrares.com/	1970-01-20 14:24:52	Name: HstCmu4459743 Value: 1661956797630
levitrares.com/	1970-01-20 14:24:52	Name: HstCnv4459743 Value: 1
levitrares.com/	1970-01-20 14:24:52	Name: HstCns4459743 Value: 1
levitrares.com/	1970-01-20 14:24:52	Name: HstCla4459743 Value: 1661956797657
levitrares.com/	1970-01-20 14:24:52	Name: HstPn4459743 Value: 2
levitrares.com/	1970-01-20 14:24:52	Name: HstPt4459743 Value: 2
.doubleclick.net/	1970-01-20 15:00:52	Name: IDE Value: AHWqTUmcOb2kEvTf0J3Wpq5UbFFgWblhiNYntSpkBOXoG9XicBl4p8OeytczzJ4FqwE
.levitrares.com/	1970-01-20 15:15:16	Name: _ga_Y8NS3XF3SB Value: GS1.1.1661956797.1.0.1661956798.0.0.0
.doubleclick.net/	1970-01-20 05:39:20	Name: DSID Value: NO_DATA

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a.levitrares.comback-button.js/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	Message: Scripts may close only the windows that were opened by them.
security	warning	URL: https://levitrares.com/ Message: Mixed Content: The page at 'https://levitrares.com/' was loaded over HTTPS, but requested an insecure element 'http://odong.eduzone.my.id/7.7MegaElektronikSale.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://calumnylightlyspider.com/72/5b/09/725b09a97d8c22957d89c9d08a8e182b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://calumnylightlyspider.com/63/53/cd/6353cd5fdad8d14e5a34c65cc3d8a4ca.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: https://levitrares.com/ Message: Access to font at 'https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://levitrares.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://levitrares.com/ Message: Access to font at 'https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://levitrares.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://levitrares.com/ Message: Access to font at 'https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://levitrares.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.levitrares.com
a.levitrares.comback-button.js
ads.maskoding.com
adservice.google.com
adservice.google.de
calumnylightlyspider.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hargadepo.com
levitrares.com
nodejs-2e7.pages.dev
odong.eduzone.my.id
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s10.histats.com
s4.histats.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
a.levitrares.comback-button.js
hargadepo.com
192.243.61.225
192.99.8.28
2001:4860:4802:34::36
2606:4700:3031::ac43:8776
2606:4700:e0::ac40:6a09
2606:50c0:8002::153
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a06:98c1:3121::3
34.110.138.177
46.105.201.240
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
0610d2c01db70605caabb09d411f5cb387248f08391f8dfcd3c39a938213961f
065ea5dc22496e49af5e1eaec97826adeab5bd2efbd69be3c0fff5f6826c675e
0d85376e8ae607236a463a14dc4a003aac1326e7b6fbf1c294c86404f7d0f5b5
15a111f76d24379ceaa3ce64ec466243185fd92626a3f8f86b5392b6a629611f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b93fc787eade336325fa28901f3bc44ec897524d84b9cf39472d015c3ac1995
1f7cefc114dc01ba0aa512a33782150637475395b8afaced5145ecedac353af8
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
296b4b2d9b6795531fdfac83b14aed57bf951b23f1d47441aec8de57f9b7b71b
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e0511b4f7c9bd214faec34044198e116971bd2f4bff025013fea5743bfeafcd
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f92780c6483f1983730d224bba612797f5ce8b604ee47d8efba4d93fc6a9ed9
3184acf13a2c0bd458d1817209343ef18c34ff3f517001566019ee841b61e515
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
3e760854d9366cc138dd013bc6c00c7fb1ae9d74fdbc05d21d17f4a2b1af0a18
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
494b75ba5483e93b0842e4977c2e0b642377fc857d3e2e54d58073599a4bc83b
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f2fdb8b3457f7e99445bc79a07948ef8e31deda89b426a5684aa4c0c5775a4a
51928336069eb971297269f1409e689b13134f2bb945a96993007832572e9868
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
571f0718f7c7625ee0c521a70f8d60f0a5ba592af9e1704ef27dcbaaf946850b
57f08252e75f1adbc232e7a361572c6ceb3a65fe52b8f69efeff3e6ebc8b4e9e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6168c05ec69fef27e8540e68131c36d7c12a0d5bbc99f7a831b5b06fedab374e
619d55d392e0262b83bf1d5a30f1068733ed49d167ade1310c944cb5e6a0421a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645b7c70edb7cf696c165eda3fda4ab274fcd108ee98e33453992b51003aa972
757f54c716b23d480dd35f78d86068c85b99d45a1957427689013e22ade3029e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8118a6ea4212c3668430a1af26add843ecd7f0a238ce2014d90909cc66b21093
821d7c6d3a0197f6eb3a336d1231f17d1bb0ceec39a13544831b2d76fdc7711d
87d9cd5374c00bd260dae086aa5b37d9101fdabe45894d1155a023e6ec0cbbef
8844c1122f04668ccf736bf2024b2f067dbf6f52c7e5912ebd4b2d10fe13c3c4
89d417b63b667b55687b466e193f13bd5c54e5024e5a6cd4dcd647671cc71509
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91f8e12e4e9026a91d781abc9200243f114c0205039afa819bbe90deee8e3e25
959bededca11122a899abbce442e78d9f5410ada412ffd788e1cbe7056f45701
9812f5669f5e5afa4dc48e50d50eff5af0310b7ce7cc4ccfea0c4989f9c5a9a9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9aae4c698d40f4d24bcadced1b964bd061201644cf45ea1a65b140f0724d3376
9ad054ecc06be62a99c5b8f6da6e8dc1258bbc5362a9263e1411687e42011569
9f21f888c15e38433d68956a83c5f0f83aad6ed3768cf03c10402eb06ef206ab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a562e74fa9fc556c7d765a6a82f80af5053ea80d0691c27771f773404bfe6f60
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
a6b1c77e4e4093b79bfb4e31f8fdf1068cd9391ed0dea9e91ac6dd789b9447da
a99d41d739aeed78876867db37d6383f1cb9fc75c37b0bc086fe4bb51927c365
b121c96898449bc5491418331102250943130cfaa0ba2dbb00b70cb6d3b1fda6
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
b568549921b3add333905d117b2b843d51ffb5a94ce7b3a8b5c18bd419a1d08c
b6a322fd6227764713e81671066c420fa54721799cf84585469fa0eac7a5c413
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
be2d081c45968c7f97fb9226c95ea48ff7c1305cd24f3e2e3e5523461453b834
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c68076ca6b0fd444012ce3a63197141733a2351e2310353b5029a4ddc0f1ef9b
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e745cb882282dd9b39f3f065db4bce0a2d145bcccd2a30d3ed36e8119a816203
e87eb8f1ab22351834096dcb08c6ea4e3312e63f225451f22612c52338733de5
e9d39c03d322319f16ebe0a5c6edc98d74a1461b2c1f0e9efee61fc73777d9ec
f097b0225fe610d9cf60811335f0ef1bb4409db641c0851a6e5c99e580ffd971
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f739680d60242a74f17ccfbc631dfdb684ef76b11cebefec10b53fcdca296132
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f81af49b9e273ea507982f870dabfa439eb2f9845a7f2cacdb473631aa10de18
fa9328070a3b0ebd83b9a05b1ee8366604c8fcbb811f8620a0ae01c55ac1425d
fe5dc8ae42af52c00644c22448de067563ffcd3b0a96839a55651c90d1cc903c
fee05a99733042de2773d5173d61db911e0b37ede6832a763daa5aed10ca552e

levitrares.com Open in urlscan Pro 34.110.138.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

96 %HTTPS

80 %IPv6

18 Domains

23 Subdomains

21 IPs

4 Countries

2460 kBTransfer

3880 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

levitrares.com Open in urlscan Pro
34.110.138.177 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

96 %
HTTPS

80 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

2460 kB
Transfer

3880 kB
Size

12
Cookies

107 HTTP transactions
1 data transactions