v6tbyq.medical.lvlex.link Open in urlscan Pro
3.20.55.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://v6tbyq.medical.lvlex.link/
Submission: On March 17 via api (March 17th 2024, 3:19:44 pm UTC) from US — Scanned from US

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 3.20.55.206, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is v6tbyq.medical.lvlex.link.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on December 17th 2023. Valid for: a year.

This is the only time v6tbyq.medical.lvlex.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	3.20.55.206 3.20.55.206	16509 (AMAZON-02) (AMAZON-02)
2	18.67.65.22 18.67.65.22	16509 (AMAZON-02) (AMAZON-02)
9	3

7 3.20.55.206 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-55-206.us-east-2.compute.amazonaws.com

v6tbyq.medical.lvlex.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.65.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-22.iad89.r.cloudfront.net

cdn.lvlex.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	lvlex.link v6tbyq.medical.lvlex.link cdn.lvlex.link	70 KB
9	1

	Domain	Requested by
7	v6tbyq.medical.lvlex.link	v6tbyq.medical.lvlex.link
2	cdn.lvlex.link	v6tbyq.medical.lvlex.link
9	2

This site contains links to these domains. Also see Links.

Domain
medical.lvlex.link

Subject Issuer	Validity	Valid
*.medical.lvlex.link AlphaSSL CA - SHA256 - G4	`2023-12-17` - `2025-01-17`	a year	crt.sh
*.lvlex.link AlphaSSL CA - SHA256 - G4	`2023-11-10` - `2024-12-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://v6tbyq.medical.lvlex.link/
Frame ID: CB6E0FFBF3C1946582C876AB65D1224F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medical - PUBLIC LINK

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

70 kB
Transfer

221 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://medical.lvlex.link/drop_sort

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response v6tbyq.medical.lvlex.link/	8 KB 8 KB	209ms 52ms	Document text/html	3.20.55.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.20.55.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-55-206.us-east-2.compute.amazonaws.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `c9586ec95a491f6d1c77e0967f307b99d16156887af8702f535c1dd88633ecea` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store content-length 8286 content-type text/html date Sun, 17 Mar 2024 15:19:39 GMT last-modified Sun, 17 Mar 2024 15:19:39 GMT server Microsoft-HTTPAPI/2.0
GET H2	200	default.css v6tbyq.medical.lvlex.link/themes/	3 KB 1 KB	46ms 44ms	Stylesheet text/css	3.20.55.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v6tbyq.medical.lvlex.link/themes/default.css Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.20.55.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-55-206.us-east-2.compute.amazonaws.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `3dd701c85307c8d7629af4ecdecda27cfab595fecd6bae069d3fbd759446d12e` Request headers accept-language en-US,en;q=0.9 Referer https://v6tbyq.medical.lvlex.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 15:19:39 GMT content-encoding br last-modified Mon, 30 Jan 2023 05:11:37 GMT server Microsoft-HTTPAPI/2.0 access-control-allow-methods GET content-type text/css access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600, public access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 879
GET H2	200	main_menu.css v6tbyq.medical.lvlex.link/css/	19 KB 3 KB	48ms 46ms	Stylesheet text/css	3.20.55.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v6tbyq.medical.lvlex.link/css/main_menu.css Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.20.55.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-55-206.us-east-2.compute.amazonaws.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `a5daa860c2cb598e0e84c2fd1b00fb0960b814862651370537a7d0340129a8f8` Request headers accept-language en-US,en;q=0.9 Referer https://v6tbyq.medical.lvlex.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 15:19:39 GMT content-encoding br last-modified Wed, 09 Aug 2023 05:34:22 GMT server Microsoft-HTTPAPI/2.0 access-control-allow-methods GET content-type text/css access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600, public access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 3009
GET H2	200	web_publicLinks_url.css v6tbyq.medical.lvlex.link/css/	129 KB 18 KB	49ms 47ms	Stylesheet text/css	3.20.55.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v6tbyq.medical.lvlex.link/css/web_publicLinks_url.css Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.20.55.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-55-206.us-east-2.compute.amazonaws.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `0f9745d66aa622363e9c40ec632743c3f24495c794fbf32062e0d02142d980c5` Request headers accept-language en-US,en;q=0.9 Referer https://v6tbyq.medical.lvlex.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 15:19:39 GMT content-encoding br last-modified Tue, 14 Nov 2023 17:10:39 GMT server Microsoft-HTTPAPI/2.0 access-control-allow-methods GET content-type text/css access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600, public access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 18616
GET H2	200	levelex-remoteplay-white-2@2x.png cdn.lvlex.link/images/	13 KB 13 KB	167ms 49ms	Image image/png	18.67.65.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.lvlex.link/images/levelex-remoteplay-white-2@2x.png Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.65.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-65-22.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash `5b550010013cd7cf93957412dd87c0478603949d2ea4085d4debce6744488f53` Request headers accept-language en-US,en;q=0.9 Referer https://v6tbyq.medical.lvlex.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id DZGIrQ_jXi5DrVWTzYpeWR6p85GcEo6Q date Sun, 17 Mar 2024 11:06:35 GMT via 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront) x-amz-cf-pop IAD89-P1 age 15185 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 13085 last-modified Wed, 01 Nov 2023 17:51:04 GMT server AmazonS3 etag "2661ec675b0c35bd3a0345b6f945821b" vary Accept-Encoding, Origin content-type image/png cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id y-IzZGWMIHeQKnOLP6T7pO2bqvsTpo5x9Hb7m9WAWOj5bIztesfFpA==
GET H2	200	web_registration_websocket.js Show response v6tbyq.medical.lvlex.link/script/	10 KB 3 KB	49ms 48ms	Script application/x-javascript	3.20.55.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v6tbyq.medical.lvlex.link/script/web_registration_websocket.js Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.20.55.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-55-206.us-east-2.compute.amazonaws.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `204e834751a0f83f89aa9dd34cfba03279ee4881a3d594f90211895512b30ff0` Request headers Referer https://v6tbyq.medical.lvlex.link/ Origin https://v6tbyq.medical.lvlex.link accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 15:19:39 GMT content-encoding br last-modified Mon, 05 Feb 2024 20:04:24 GMT server Microsoft-HTTPAPI/2.0 access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600, public access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 2839
GET DATA	200 OK	truncated /	401 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `47c11c559a23fc1cfe357c7c5b640a8a3fdfdf8ae669f2e430ca4892304e59c9` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	common.js Show response v6tbyq.medical.lvlex.link/script/	8 KB 3 KB	44ms 44ms	Script application/x-javascript	3.20.55.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v6tbyq.medical.lvlex.link/script/common.js Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.20.55.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-55-206.us-east-2.compute.amazonaws.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `145bd9008992cb39c91dbaeebb8778bea562c01a06307717554796adbd2db428` Request headers Referer https://v6tbyq.medical.lvlex.link/script/web_registration_websocket.js Origin https://v6tbyq.medical.lvlex.link accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 15:19:39 GMT content-encoding br last-modified Wed, 14 Feb 2024 23:36:18 GMT server Microsoft-HTTPAPI/2.0 access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600, public access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 2995
GET H2	200	auth3.js Show response v6tbyq.medical.lvlex.link/script/	14 KB 4 KB	44ms 44ms	Script application/x-javascript	3.20.55.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v6tbyq.medical.lvlex.link/script/auth3.js Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.20.55.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-55-206.us-east-2.compute.amazonaws.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `9c2ca02792cc81fa01fecf0fda58fb16d9b73f7831e72a37aa9015f35fe1feaf` Request headers Referer https://v6tbyq.medical.lvlex.link/script/web_registration_websocket.js Origin https://v6tbyq.medical.lvlex.link accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 15:19:39 GMT content-encoding br last-modified Wed, 01 Jun 2022 01:34:32 GMT server Microsoft-HTTPAPI/2.0 access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600, public access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 3706
GET H2	200	open-sans-v29-latin-regular.woff2 cdn.lvlex.link/fonts/	16 KB 17 KB	115ms 43ms	Font font/woff2	18.67.65.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.lvlex.link/fonts/open-sans-v29-latin-regular.woff2 Requested by Host: v6tbyq.medical.lvlex.link URL: https://v6tbyq.medical.lvlex.link/css/main_menu.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.65.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-65-22.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash `9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289` Request headers Referer https://v6tbyq.medical.lvlex.link/ Origin https://v6tbyq.medical.lvlex.link accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 11:06:35 GMT x-amz-version-id FCEGYNqSYUDdO7OnwlFKp2t87MF.whap via 1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront) x-amz-cf-pop IAD89-P1 age 15185 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 16720 last-modified Wed, 15 Mar 2023 15:23:38 GMT server AmazonS3 etag "c416910cae8fe4258cdf8c35933e9f4c" content-type font/woff2 access-control-allow-origin * access-control-expose-headers * cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id eYUyIwFb6l5p_tmL77s5MNSJ8j2J-RRomvI0bsjuNE2t5zVwdyAnhQ==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.medical.lvlex.link/	1970-01-20 19:32:21	Name: remote-userId Value: 058b5cb7-0b43-446c-8751-c93678427baf

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.lvlex.link
v6tbyq.medical.lvlex.link
18.67.65.22
3.20.55.206
0f9745d66aa622363e9c40ec632743c3f24495c794fbf32062e0d02142d980c5
145bd9008992cb39c91dbaeebb8778bea562c01a06307717554796adbd2db428
204e834751a0f83f89aa9dd34cfba03279ee4881a3d594f90211895512b30ff0
3dd701c85307c8d7629af4ecdecda27cfab595fecd6bae069d3fbd759446d12e
47c11c559a23fc1cfe357c7c5b640a8a3fdfdf8ae669f2e430ca4892304e59c9
5b550010013cd7cf93957412dd87c0478603949d2ea4085d4debce6744488f53
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
9c2ca02792cc81fa01fecf0fda58fb16d9b73f7831e72a37aa9015f35fe1feaf
a5daa860c2cb598e0e84c2fd1b00fb0960b814862651370537a7d0340129a8f8
c9586ec95a491f6d1c77e0967f307b99d16156887af8702f535c1dd88633ecea

v6tbyq.medical.lvlex.link Open in urlscan Pro 3.20.55.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

3 IPs

1 Countries

70 kBTransfer

221 kBSize

1 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

1 Cookies

Indicators

v6tbyq.medical.lvlex.link Open in urlscan Pro
3.20.55.206 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

70 kB
Transfer

221 kB
Size

1
Cookies

9 HTTP transactions
1 data transactions