URL: https://client.levelkro.net/
Submission: On March 26 via automatic , source certstream-suspicious

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 21 HTTP transactions.
The main IP is 163.172.39.96, located in France and belongs to Online SAS, FR. The main domain is client.levelkro.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 26th 2020. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 163.172.39.96 12876 (Online SAS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.241.97.79 46606 (UNIFIEDLA...)
1 38.118.26.26 174 (COGENT-174)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 8
Domain
Subdomains
Transfer
14 levelkro.net
497 KB
2 gstatic.com
27 KB
1 fonts.googleapis.com
516 B
1 pandorafms.com
13 KB
1 pandorafms.org
255 B
1 hurdit.com
202 KB
1 webdevelopersnotes.com
2 KB
1 slurp-ramen.com
51 KB
21 8
Domain Requested by
13 client.levelkro.net client.levelkro.net
1 fonts.gstatic.com client.levelkro.net
1 fonts.googleapis.com client.levelkro.net
1 pandorafms.com client.levelkro.net
1 blog.pandorafms.org 1 redirects
1 www.hurdit.com client.levelkro.net
1 www.webdevelopersnotes.com client.levelkro.net
1 encrypted-tbn0.gstatic.com client.levelkro.net
1 www.slurp-ramen.com client.levelkro.net
1 levelkro.net client.levelkro.net
21 10

This site contains links to these domains. Also see Links.

Domain
netstatus.levelkro.net
Subject / Issuer Validity Valid
client.levelkro.net
Let's Encrypt Authority X3
2020-03-26 -
2020-06-24
3 months
levelkro.net
Let's Encrypt Authority X3
2020-02-29 -
2020-05-29
3 months
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-01-31 -
2020-10-09
8 months
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months
webdevelopersnotes.com
cPanel, Inc. Certification Authority
2020-02-19 -
2020-05-19
3 months
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
15 KB
15 KB
Document
General
Full URL
https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache / PHP/5.4.16
Resource Hash
045e62c8e435c575c836794251ba4eaaf3e89c75b422fc4245c703a6d72db8d9

Request headers

Host
client.levelkro.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Server
Apache
X-Powered-By
PHP/5.4.16
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=pka1nliqujrhi5beqd0kcecbj0; path=/; HttpOnly
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
theme-levelkro.min.css
/bb-themes/bootstrap/assets/css/themes
125 KB
125 KB
Stylesheet
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/css/themes/theme-levelkro.min.css
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
6b7d8b9330dbe928d52ad5354d1d766f3ac297905ef3c0aa932ae907e724fa4c

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sat, 18 May 2019 22:17:49 GMT
Server
Apache
ETag
"1f4ba-58930de907d40"
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
128186
bootstrap-markdown.min.css
/bb-themes/bootstrap/assets/css
3 KB
3 KB
Stylesheet
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/css/bootstrap-markdown.min.css
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
ba631909c13f2d4709dc5dd5fc3e8d9af431766dce5ad44c88c02990d9c320ec

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:51 GMT
Server
Apache
ETag
"a90-588ac9a7a1dc0"
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2704
modern-business.css
/bb-themes/bootstrap/assets/css
1 KB
2 KB
Stylesheet
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/css/modern-business.css
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
43040ae3bb8563c70d989c1ad2f8d25fb7bb9a7694097beaf9c94925d7bf5830

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:51 GMT
Server
Apache
ETag
"57a-588ac9a7a1dc0"
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1402
font-awesome.min.css
/bb-themes/bootstrap/assets/font-awesome/css
27 KB
27 KB
Stylesheet
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/font-awesome/css/font-awesome.min.css
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:59 GMT
Server
Apache
ETag
"6b4a-588ac9af42fc0"
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
27466
jquery.js
/bb-themes/bootstrap/assets/js
94 KB
94 KB
Script
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/js/jquery.js
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:53 GMT
Server
Apache
ETag
"17629-588ac9a98a240"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
95785
bb-jquery.js
/bb-themes/bootstrap/assets/js
9 KB
9 KB
Script
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/js/bb-jquery.js
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
7ed9950034a12a36df9a6eee715685d2b6b10946ebae066641f9687fe935a38e

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:52 GMT
Server
Apache
ETag
"223a-588ac9a896000"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8762
bootstrap.min.js
/bb-themes/bootstrap/assets/js
36 KB
36 KB
Script
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/js/bootstrap.min.js
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:52 GMT
Server
Apache
ETag
"9004-588ac9a896000"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
36868
bootstrap-markdown.js
/bb-themes/bootstrap/assets/js
44 KB
44 KB
Script
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/js/bootstrap-markdown.js
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
79875fce09ec925860b8ad35b2a07375c682fb716edba7110cb81705a2569a4a

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:52 GMT
Server
Apache
ETag
"afe4-588ac9a896000"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
45028
to-markdown.js
/bb-themes/bootstrap/assets/js
6 KB
6 KB
Script
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/js/to-markdown.js
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
a761e21f63f86893d22411024c1bc155ff019ce6c61e9f574f2329049db2d9a3

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:53 GMT
Server
Apache
ETag
"1732-588ac9a98a240"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5938
markdown.js
/bb-themes/bootstrap/assets/js
46 KB
46 KB
Script
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/js/markdown.js
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
5cf12b6f179fcedeb145181b9158c401693b184cc92294ff81a3e3ea9640a409

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:53 GMT
Server
Apache
ETag
"b830-588ac9a98a240"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
47152
bootbox.min.js
/bb-themes/bootstrap/assets/js
10 KB
10 KB
Script
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/js/bootbox.min.js
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:29:52 GMT
Server
Apache
ETag
"26f4-588ac9a896000"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
9972
main-logo.png
levelkro.net/images
13 KB
13 KB
Image
General
Full URL
https://levelkro.net/images/main-logo.png
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
33299eca504ac9571ec4c95b3923e17ad6c1dab79650661306c6e7b66773ca65

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Mon, 29 Apr 2019 07:12:39 GMT
Server
Apache
ETag
"33b5-587a6027387c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
13237
Transmission-640x405.png
www.slurp-ramen.com/wp-content/uploads/2018/07
50 KB
51 KB
Image
General
Full URL
https://www.slurp-ramen.com/wp-content/uploads/2018/07/Transmission-640x405.png
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:4799 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5c80e604ec20a00b34a83fd7d6e68d029d4824a6609e617ccf30239e0b2129

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Thu, 26 Mar 2020 08:17:25 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Jul 2018 16:16:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
579f6f685c4297c0-FRA
content-length
51370
expires
Mon, 25 May 2020 08:17:25 GMT
images?q=tbn:ANd9GcRs48mnPXHJLFJ7PRi1daq1EkrujMDfqQv3rkoQyKsp4aRrOAn4XA&s
encrypted-tbn0.gstatic.com
13 KB
13 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRs48mnPXHJLFJ7PRi1daq1EkrujMDfqQv3rkoQyKsp4aRrOAn4XA&s
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7745fc02ba668c8087dfd542ed245364f82c8ca1f1350393555c9009cfc16627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:17:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 16 Jun 2019 07:52:12 GMT
server
sffe
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13445
x-xss-protection
0
expires
Fri, 26 Mar 2021 08:17:25 GMT
change-web-hosting-server.png
www.webdevelopersnotes.com/wp-content/uploads
2 KB
2 KB
Image
General
Full URL
https://www.webdevelopersnotes.com/wp-content/uploads/change-web-hosting-server.png
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.241.97.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.simplygraphix.com
Software
Apache /
Resource Hash
554ae29356e5857dcb64443fbc76439feaefc42550f43ee87cb85c84dd75691a

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 26 Mar 2020 08:17:26 GMT
Last-Modified
Wed, 22 Feb 2017 20:09:37 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2235
Blog-NetworkUpdate.png
www.hurdit.com/sites/default/files
202 KB
202 KB
Image
General
Full URL
http://www.hurdit.com/sites/default/files/Blog-NetworkUpdate.png
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
HTTP/1.1
Server
38.118.26.26 Washington, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7e356e7acdfeba0992ad458cb130d4b7009e5450eaa332db3a06b42269b8e954

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Mar 2020 08:17:22 GMT
ETag
"7824b3a057a2d21:0"
Last-Modified
Tue, 21 Mar 2017 15:27:18 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
206691
network-security-featured.png
pandorafms.com/blog/wp-content/uploads/2018/03
Redirect Chain
  • https://blog.pandorafms.org/wp-content/uploads/2018/03/network-security-featured.png
  • https://pandorafms.com/blog/wp-content/uploads/2018/03/network-security-featured.png
13 KB
13 KB
Image
General
Full URL
https://pandorafms.com/blog/wp-content/uploads/2018/03/network-security-featured.png
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:6607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.13.1
Resource Hash
1f86d1b58af9f411a64cf73d6ed15be0e1ef35458eadde96b12be4c9eee6f59d

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 08:17:26 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
x-powered-by
W3 Total Cache/0.13.1
x-cache
MISS
status
200
content-type
image/png
content-length
12969
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Feb 2020 07:01:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
x-varnish
26169252
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
579f6f69db95972a-FRA
expires
Thu, 25 Mar 2021 22:37:05 GMT

Redirect headers

date
Thu, 26 Mar 2020 08:17:25 GMT
server
cloudflare
location
https://pandorafms.com/blog/wp-content/uploads/2018/03/network-security-featured.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
579f6f693bdc1f45-FRA
expires
Thu, 26 Mar 2020 09:17:25 GMT
css?family=Lato:300,400,700
fonts.googleapis.com
2 KB
516 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://client.levelkro.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 08:17:25 GMT
server
ESF
date
Thu, 26 Mar 2020 08:17:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Mar 2020 08:17:25 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/bb-themes/bootstrap/assets/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://client.levelkro.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 00:02:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1844097
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 05 Mar 2021 00:02:28 GMT
fontawesome-webfont.woff2?v=4.5.0
/bb-themes/bootstrap/assets/font-awesome/fonts
65 KB
65 KB
Font
General
Full URL
https://client.levelkro.net/bb-themes/bootstrap/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: client.levelkro.net
URL: https://client.levelkro.net/bb-themes/bootstrap/assets/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.39.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
op-paris-01.levelkro.net
Software
Apache /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://client.levelkro.net/bb-themes/bootstrap/assets/font-awesome/css/font-awesome.min.css
Origin
https://client.levelkro.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Mar 2020 08:17:25 GMT
Last-Modified
Sun, 12 May 2019 08:30:01 GMT
Server
Apache
ETag
"10440-588ac9b12b440"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
66624

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 17
  • https://blog.pandorafms.org/wp-content/uploads/2018/03/network-security-featured.png
  • https://pandorafms.com/blog/wp-content/uploads/2018/03/network-security-featured.png

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| bb object| jQuery111103373609755887246 function| toMarkdown object| markdown object| bootbox

1 Cookies

Domain/Path Name / Value
client.levelkro.net/ Name: PHPSESSID
Value: pka1nliqujrhi5beqd0kcecbj0

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

blog.pandorafms.org
client.levelkro.net
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
levelkro.net
pandorafms.com
www.hurdit.com
www.slurp-ramen.com
www.webdevelopersnotes.com


162.241.97.79
163.172.39.96
2606:4700:3030::681b:8faf
2606:4700:3031::6818:6607
2606:4700:3034::681f:4799
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:81b::200e
38.118.26.26

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
045e62c8e435c575c836794251ba4eaaf3e89c75b422fc4245c703a6d72db8d9
0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4
0f5c80e604ec20a00b34a83fd7d6e68d029d4824a6609e617ccf30239e0b2129
1f86d1b58af9f411a64cf73d6ed15be0e1ef35458eadde96b12be4c9eee6f59d
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
33299eca504ac9571ec4c95b3923e17ad6c1dab79650661306c6e7b66773ca65
43040ae3bb8563c70d989c1ad2f8d25fb7bb9a7694097beaf9c94925d7bf5830
554ae29356e5857dcb64443fbc76439feaefc42550f43ee87cb85c84dd75691a
5cf12b6f179fcedeb145181b9158c401693b184cc92294ff81a3e3ea9640a409
6b7d8b9330dbe928d52ad5354d1d766f3ac297905ef3c0aa932ae907e724fa4c
7745fc02ba668c8087dfd542ed245364f82c8ca1f1350393555c9009cfc16627
79875fce09ec925860b8ad35b2a07375c682fb716edba7110cb81705a2569a4a
7e356e7acdfeba0992ad458cb130d4b7009e5450eaa332db3a06b42269b8e954
7ed9950034a12a36df9a6eee715685d2b6b10946ebae066641f9687fe935a38e
a761e21f63f86893d22411024c1bc155ff019ce6c61e9f574f2329049db2d9a3
ba631909c13f2d4709dc5dd5fc3e8d9af431766dce5ad44c88c02990d9c320ec
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995