urlscan.io logo urlscan.io
SecurityTrails logo

levelflowtr.com Open in urlscan Pro
2606:4700:3031::ac43:c688  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cashflowtr.com/
Effective URL: https://levelflowtr.com/
Submission: On January 28 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3031::ac43:c688, located in United States and belongs to CLOUDFLARENET, US. The main domain is levelflowtr.com.
TLS certificate: Issued by GTS CA 1P5 on December 7th 2023. Valid for: 3 months.
This is the only time levelflowtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
24 3
Apex Domain
Subdomains		 Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
76 KB
8 levelflowtr.com
levelflowtr.com
565 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
199 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
5 KB
1 cashflowtr.com
cashflowtr.com
673 B
24 5
Domain Requested by
12 fundingchoicesmessages.google.com levelflowtr.com
8 levelflowtr.com levelflowtr.com
3 pagead2.googlesyndication.com levelflowtr.com
pagead2.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cashflowtr.com 1 redirects
24 5

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
levelflowtr.com
GTS CA 1P5		 2023-12-07 -
2024-03-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://levelflowtr.com/
Frame ID: E4E01C6FCD0DCC0C5AC089BD7BEBDC48
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 22FB89023DE37E2E6B9743F1859A3426
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LevelflowTR

Page URL History Show full URLs

  1. http://cashflowtr.com/ HTTP 301
    https://levelflowtr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

844 kB
Transfer

2691 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cashflowtr.com/ HTTP 301
    https://levelflowtr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
levelflowtr.com/
Redirect Chain
  • http://cashflowtr.com/
  • https://levelflowtr.com/
17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48095dbdabad01da5ee879de80a449e9297bf100ee6154b1cbe6455cd2d79aba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84caf3b49d1f3645-FRA
content-encoding
gzip
content-type
text/html
date
Sun, 28 Jan 2024 17:28:27 GMT
last-modified
Sun, 28 Jan 2024 12:28:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wy6VxTymxVDOm16GR7TQBNiDbsX6MwQO01EV354P6me0p4BNw%2FZ1%2FBkiVrKDPPODkg1uQxrtSNF1pxyzpLnn9IQ8x1DgqGqMH7u9L%2FXq2eoFs1Tp5yNWGLWXC%2Bke%2Fj1QizWbed%2B54DyUG4vQbTA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
84caf3b3e88b37ef-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 28 Jan 2024 17:28:27 GMT
Expires
Sun, 28 Jan 2024 18:28:27 GMT
Location
https://levelflowtr.com
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fynnFbHdYpEA%2FRAzztrOpbPmNAscFyNDCd0DjGxdZACFCUPwiyJYMTMcyBDMnmajo88iBRUc7bWxHXFulBJHUErzR05TLiDYmdJ1EEovQEXoLOCf7er8PUbbb6nPJNVcVcjCgNl%2BJ7y%2FG58JCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e09f42266d6ad008b5a69916874f8bc0963d91254d5825421d11ab274926c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
Origin
https://levelflowtr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51107
x-xss-protection
0
server
cafe
etag
2866591469322182108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 28 Jan 2024 17:28:27 GMT
pub-9422049964087743
fundingchoicesmessages.google.com/i/ 		183 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-9422049964087743?ers=1
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1320f2fa1533d284a9fd5f0ca3323a5f6ad91af3db9c9dc7a139188f5a9f9ff7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2dKabCr5wxyXwKGHLS_GaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-2dKabCr5wxyXwKGHLS_GaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjusOoxSXF4KwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4GYp_6GaxRQFx2-xxrHRAL8XDsnntrLZtAw8OtC5gB-m5kSw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
index-20e9e9be.js
levelflowtr.com/assets/ 		1 MB
418 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/assets/index-20e9e9be.js
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c146f20cca856a7106f9a84a7c95ed3442f4153432c5557a002105727618a34

Request headers

Referer
https://levelflowtr.com/
Origin
https://levelflowtr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 28 Jan 2024 12:28:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b6485b-15d295"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0etEIsw2ZJgw1n%2F2CKH1xRHqWXG2cYYMagtOLblzOH0qwdL9vUmbda%2BqegMaJqxaA5r%2BmcvNB4j%2B5w0mVOtEHlmQw6qD2RbpE6AnVZpG53sO8V%2F0L00mzecIlEjVQcte7PNc28YOc3oWjbl%2FK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84caf3b57e1b3645-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 27 Feb 2024 17:28:27 GMT
index-aaae9f11.css
levelflowtr.com/assets/ 		389 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/assets/index-aaae9f11.css
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaae9f113568ae9a014770dcbb7536b90a79353fa72d646f2258f05e31894ebe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 25 Jan 2024 01:39:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
150827
etag
W/"65b1bbdb-6140b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCDB4eOih%2BAHnDgzCNJY07zUPTXiFPsfGHAHMtCCfIWYNu9NZbD0Gocztt85UPkZC1BefEiWfRzt09MVncl92pQILNWvgdbbEXzv%2F0TrhqT5nt7tX7nZu4pIJYLnXDXWqUQ%2Bu2Gx4LwFGmCqotQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84caf3b57e193645-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 25 Feb 2024 23:34:40 GMT
pub-9422049964087743
fundingchoicesmessages.google.com/b/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-9422049964087743
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62c8219e13b355fc2bf84035a328f3d28aacd98fe148b6369b1dde30cb5e4218
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-h_tMu6v9QV_FqFvq1sHnvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:27 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-h_tMu6v9QV_FqFvq1sHnvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjusKoxSXF4KUhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4G4rLb51jrgFiIh2P33Ftr2QQ-XJ0_iRkA8i1hqg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU0UqvMTlvn8QG3GiP7n5fKyy5RhfmMUHMQUn6scZDZKnKPFq5CGXgVSWJBPz-JWENYf_DtVmKqbRyrDn8Jhzg_PA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0UqvMTlvn8QG3GiP7n5fKyy5RhfmMUHMQUn6scZDZKnKPFq5CGXgVSWJBPz-JWENYf_DtVmKqbRyrDn8Jhzg_PA==
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z6C949kanlrMpNLq-n2WaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:27 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z6C949kanlrMpNLq-n2WaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY_fcW2vZBG5M-bSNGQDwgCDU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://levelflowtr.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9422049964087743&plah=levelflowtr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d36e7a7b394bb1a5398b95d802f2bde5b6ad8bebb4fe1bda230f0794e32b32f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140753
x-xss-protection
0
server
cafe
etag
7499531597121713354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 17:28:27 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 22FB 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
64070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 23:40:37 GMT
etag
3890843268177463596
expires
Sat, 10 Feb 2024 23:40:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWRU9Qtgck7AyAW2Rv_FYnwNqKzs7ng72WF2GOpua9QO_229sEn_-nSdarK_S9J91UCLVtN1BbHwpGMGM2EjuqGb83sgSmaV-zb0NIFs-TXlLADUVAyI_SLiks5hdJPvOBCecF2uQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRU9Qtgck7AyAW2Rv_FYnwNqKzs7ng72WF2GOpua9QO_229sEn_-nSdarK_S9J91UCLVtN1BbHwpGMGM2EjuqGb83sgSmaV-zb0NIFs-TXlLADUVAyI_SLiks5hdJPvOBCecF2uQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NDYyOTA3LDk1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sZXZlbGZsb3d0ci5jb20vIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwibmwiXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed4bd3eb3d3ad034266b02cac3a1bc50c1a8ff15e0bc6b80310581f4da8e3507
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Byqemhh0LLv2dfrMX-12XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Byqemhh0LLv2dfrMX-12XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIC67fY61DoiFuDn2zL21lk1gw5wvPABJAVv8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
levelflowtr.com/socket.io/ 		118 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=OrH7OyM
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20e9e9be.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa4d783d9899e10e2b3bd2106529242228e26e316b88b8926db551ba0753c96

Request headers

Accept
*/*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSp34OLaNTnvU9oxkXBnMexbhdyO%2BMiScXHoIQd6dDFKSxEIsNrwwsTdmcOj040SJAzt8VoEDbxsNAf6L0EzNBCbpogxZm97umoom4sw%2BgNqfo82drqqmw5Iv7hx%2BDYlyGc5BYNXS%2FadAurUIH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cache-control
no-store
cf-ray
84caf3b87c725a7b-IAD
alt-svc
h3=":443"; ma=86400
check-session
levelflowtr.com/api/auth/ 		18 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/api/auth/check-session
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20e9e9be.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa06759da6af9878325a7b76e0c2a27516b85ca0022c140bd02d236e4ce81e5
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
18
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"12-5Ti4RxX6tW4QHCzTPHbTwIiTtA8"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
origin-agent-cluster
?1
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK8EfoXge4OZjRkPZjUHlUNUsEcOPArez%2BxqH3sa9ALf%2FpL8pjZA62w7mu%2B67jNvsrkrtca%2FH26EAbIVteBJdjTl2jXznt6kRbWlTk67QLE79zgdhhZTNayfVkVFDWA6nDPvlHddjNQIjkPuVAo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84caf3b8bcc05a7b-IAD
/
levelflowtr.com/socket.io/ 		2 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=OrH7P3z&sid=wbBiXWc6ALL58VAwAANn
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20e9e9be.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgNxp9aBx%2FLQFJ98amfpr5wmi6fYl7kz%2F6q2enLtoMmE5QcYKQUOa2MYG2ioxXOPpy%2FlBLdRYEkgA5NsrQJmwnBw5O1Epz9vv1hZBRncBVaQYeklz%2BsBFOUqt6U1nzLqWqD4sDTfJ5gFgGpQib4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-store
cf-ray
84caf3bb8f2d5a7b-IAD
alt-svc
h3=":443"; ma=86400
/
levelflowtr.com/socket.io/ 		32 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=OrH7P3-&sid=wbBiXWc6ALL58VAwAANn
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20e9e9be.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec35ca2d2ccc8eeebc0951a3a40542370e69dcd3ac33b356a9a9a3d55c1f76b6

Request headers

Accept
*/*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwTlxChrLNSxk7vY45HVy6cXMykqCbbQKlU80AJ3%2BdQl5LlKGvAlq194JzS17M47BD3wmk5wKDTvenpjAEAr7FAE9Jj5uqx902NezcnnzUm0FRHdFWNh2uz%2BdjhC68oeLjzD%2FLrvsrvbZ9rBaqA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cache-control
no-store
cf-ray
84caf3bb8f2f5a7b-IAD
alt-svc
h3=":443"; ma=86400
content-length
32
/
fundingchoicesmessages.google.com/f/AGSKWxXRPhdYYduyPjQdD1m_NTKvbp7wwmmLYn7txBBZlZijsptPZ2jwQMkBT8PPf2a1L8kayht25agjNGO1hTtgUk2DFEDQuZX5P7_60mFnEMDtsi57JoffsG33uoo4kQi9tzArtmu5uXohlJtcGAgIsuzgCKBXH... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXRPhdYYduyPjQdD1m_NTKvbp7wwmmLYn7txBBZlZijsptPZ2jwQMkBT8PPf2a1L8kayht25agjNGO1hTtgUk2DFEDQuZX5P7_60mFnEMDtsi57JoffsG33uoo4kQi9tzArtmu5uXohlJtcGAgIsuzgCKBXH7HA6fLrejRkbKe6YAW-3ANXZz_4fNZJ/_/eshopoffer./streamatepop./wpbanners_show.php/footerad..php/ads/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwRjr3WO--t1Mw39DbBocqBWnQs6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f11f7fdb521c2c56466b54995f08d9ebfa39706f9532014b7a3a942a894dcd52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qFWZl_V2OUl6wkdjyNnd1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-qFWZl_V2OUl6wkdjyNnd1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxjGIQQEYB_Dnyyde0mXCbHgpZbzZZLiuWCi6SUlKpsvC5DZlUd8b3HTTJSw3GJRZ5Ii6cMMNeJ5k4SwM_sOvfurcElB9yrPmUwbLFU3hO_xLPzD1b2gBJWVLb_AX39IOQppBj1DIGVQEy21HDqjWTKrD8WyS898kD2hw9O7pAt2niPUQF1YTwsOC8AxsRWEXvJSF8-BqCwc7wl8j4R6kDOE0fLDOTahHdW5AJYlDOKNzDE5Zna_wuhpzGdxOe-992bI9TPqfa7oD_slh6g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwRjr3WO--t1Mw39DbBocqBWnQs6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 16:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11399
x-xss-protection
0
server
cafe
etag
11747613320577944511
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 17:50:18 GMT
AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m4i9VNatu7wSGmcMEwmtXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-m4i9VNatu7wSGmcMEwmtXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8_cW2vZBBoe_njABADumCDz"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://levelflowtr.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kvresURxK1bL0BXIGhPFiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kvresURxK1bL0BXIGhPFiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8_cW2vZBG782vuSCQDtCSEo"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://levelflowtr.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R-WQlwczZWLIZWyrcXSzDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R-WQlwczZWLIZWyrcXSzDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8_cW2vZBBpub_3OBADvuSDH"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUGKceh7WpGiLZ0HuizwOk7MUtiQE7ZiRQH920xXe6cY3wnxVeVwQ-c2X1ets1Ffho1CNGbIraY1VRC8kbY6aAH1OwI-PWZxl_WTWDTjbIHvbXJRHzhUPSIcxRm2t18_G_z2X3YqQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Kkk3h7IUGBoeXouH97B1GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Kkk3h7IUGBoeXouH97B1GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8_cW2vZBBY0bPzBBADqAyB5"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXthg3UqORkVC33tU6UB21ZQgtcNGy65lQvuS_AvsxPotznGVmeX5b8SD3MbRGsg5Ey9YQ6U6Dsk-5J4nXgKn0IRofH5JSodkKABfkWCekmnO1BgPPilyNZVZUZpMNGFSgFkQTDKw==
fundingchoicesmessages.google.com/f/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXthg3UqORkVC33tU6UB21ZQgtcNGy65lQvuS_AvsxPotznGVmeX5b8SD3MbRGsg5Ey9YQ6U6Dsk-5J4nXgKn0IRofH5JSodkKABfkWCekmnO1BgPPilyNZVZUZpMNGFSgFkQTDKw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NDYyOTA4LDc3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGV2ZWxmbG93dHIuY29tLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksIm5sIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
589683704568f5afc018d1c4369214ccdb64baecdaaa2b0eb0bcb4b1687d3fce
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jIH375skmJN0J9ylfR6AcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jIH375skmJN0J9ylfR6AcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIC67fY61DoiFeDj2zL21lk3gxvzJ_cwAsXhcWw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
levelflowtr-mainwallpaper.webp
levelflowtr.com/assets/img/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levelflowtr.com/assets/img/levelflowtr-mainwallpaper.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ce704cf1b677a8be53ca97b36f0ae95c59a035828b684edf25bb1f66f9984c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:29 GMT
cf-cache-status
MISS
last-modified
Sat, 14 Oct 2023 18:05:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"652ad87c-15634"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXqNGsGFTwutsfmd3FTHbNXT0xOFbGsq3WgKjrmivbtcKMCA6WFAmbnqBD%2FjBdJFhLKzPIf%2Br0hQyrN%2FQxMlsCIRy1EW9LNphpZFGJIox9iI2jJ592kg15oNGR%2BUMbaE%2BCVufceIG6CIvxHQgSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84caf3bc4fe95a7b-IAD
alt-svc
h3=":443"; ma=86400
content-length
87604
expires
Tue, 27 Feb 2024 17:28:29 GMT
AGSKWxUTIOuRSOv_hsuIRfEswbE8ITTxssOM5_SpJ1u8KkIZ5VQY1CJVctCKHM3LPwHG3Fdr73Fy2FKhYAn6L7FK6udYIZTegx-5KM9_mtxcaGEaNHBZS0cjcyLdZKenb0hktBGmCyT0pA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUTIOuRSOv_hsuIRfEswbE8ITTxssOM5_SpJ1u8KkIZ5VQY1CJVctCKHM3LPwHG3Fdr73Fy2FKhYAn6L7FK6udYIZTegx-5KM9_mtxcaGEaNHBZS0cjcyLdZKenb0hktBGmCyT0pA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NDYyOTA4LDg1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGV2ZWxmbG93dHIuY29tL2xvZ2luIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwibmwiXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fccd7f6e64a3ad179d6550dcaa476127e7e0893a57b0fe8af14d5dc90ebebd28
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_SF6CFT8q6cLp7-eg5Nd_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-_SF6CFT8q6cLp7-eg5Nd_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gbistvnWOuAWIiHY8_cW2vZBDrmT9jBDACm5Vwb"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUCe9BN-ODrEuJw4ozFP1yXDPqMHmIYITv3dLjgDx0uRn6p4ffNaE4LXmuD_Vnt01TFyzGRW2MMRT6T02i3SFbWHkqcevPWTltQEzjGx7djWzTDJzpOf6FG8B_OnhD1YZ0xBSJucg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUCe9BN-ODrEuJw4ozFP1yXDPqMHmIYITv3dLjgDx0uRn6p4ffNaE4LXmuD_Vnt01TFyzGRW2MMRT6T02i3SFbWHkqcevPWTltQEzjGx7djWzTDJzpOf6FG8B_OnhD1YZ0xBSJucg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxeD-IE230jo4CeT4KBR9exv4WH7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VrgNEml7C1azmCyEMsyZ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 17:28:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-VrgNEml7C1azmCyEMsyZ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8_cW2vZBGZsm3aKGQDsKSBm"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| __h82AlnkH6D91__ function| __p4qa8r1lb17__ string| cHViLTk0MjIwNDk5NjQwODc3NDM= object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmZlNzJkY2QyOTNhYWU5OWxvYWRlcl9qcw== string| ZmZlNzJkY2QyOTNhYWU5OWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| FontAwesomeConfig object| ___FONT_AWESOME___ function| momentDurationFormatSetup number| uidEvent function| google_sa_impl function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 77f3e328-d540-47d8-a30d-6ae624eb3b33

2 Cookies

Domain/Path Name / Value
levelflowtr.com/ Name: sid
Value: s%3Ag1VCmumeiRRBxdBRUXwCxnSZOsNpp_r8.2oFCgKx02tagFqu1byoykvRePlO3IzpcqtCOgIPqXrI
.levelflowtr.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8e6EFWBfMPWBQzii14q-ct4xuV25h-y9C--X6zXfGGgn2S2CjOyPj-lV0ytgH5eKYk4jpVyEE_pT0BDbNn3z98AanRM8ytgx5A_A4418riofA1C6Hk3vAU25Ygy4I0PwnNQLZqgx2OeEfd3h2NE1gb0aqwzw%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cashflowtr.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
levelflowtr.com
pagead2.googlesyndication.com
2606:4700:3031::ac43:c688
2a00:1450:4001:813::2002
2a00:1450:4001:830::200e
2a06:98c1:3121::3
1320f2fa1533d284a9fd5f0ca3323a5f6ad91af3db9c9dc7a139188f5a9f9ff7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3c146f20cca856a7106f9a84a7c95ed3442f4153432c5557a002105727618a34
48095dbdabad01da5ee879de80a449e9297bf100ee6154b1cbe6455cd2d79aba
589683704568f5afc018d1c4369214ccdb64baecdaaa2b0eb0bcb4b1687d3fce
5e09f42266d6ad008b5a69916874f8bc0963d91254d5825421d11ab274926c9c
62c8219e13b355fc2bf84035a328f3d28aacd98fe148b6369b1dde30cb5e4218
7aa4d783d9899e10e2b3bd2106529242228e26e316b88b8926db551ba0753c96
8aa06759da6af9878325a7b76e0c2a27516b85ca0022c140bd02d236e4ce81e5
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a7ce704cf1b677a8be53ca97b36f0ae95c59a035828b684edf25bb1f66f9984c
aaae9f113568ae9a014770dcbb7536b90a79353fa72d646f2258f05e31894ebe
d36e7a7b394bb1a5398b95d802f2bde5b6ad8bebb4fe1bda230f0794e32b32f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec35ca2d2ccc8eeebc0951a3a40542370e69dcd3ac33b356a9a9a3d55c1f76b6
ed4bd3eb3d3ad034266b02cac3a1bc50c1a8ff15e0bc6b80310581f4da8e3507
f11f7fdb521c2c56466b54995f08d9ebfa39706f9532014b7a3a942a894dcd52
f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19
fccd7f6e64a3ad179d6550dcaa476127e7e0893a57b0fe8af14d5dc90ebebd28