urlscan.io logo urlscan.io
SecurityTrails logo

levelflowtr.com Open in urlscan Pro
2606:4700:3033::6815:2c64  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cashflowtr.com/
Effective URL: https://levelflowtr.com/
Submission: On March 03 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3033::6815:2c64, located in United States and belongs to CLOUDFLARENET, US. The main domain is levelflowtr.com.
TLS certificate: Issued by GTS CA 1P5 on February 4th 2024. Valid for: 3 months.
This is the only time levelflowtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 4
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cashflowtr.com
9    2606:4700:3033::6815:2c64 (United States)

ASN13335 (CLOUDFLARENET, US)
levelflowtr.com
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647
76 KB
9 levelflowtr.com
levelflowtr.com
575 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
188 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
4 KB
1 cashflowtr.com
cashflowtr.com
671 B
25 5
Domain Requested by
12 fundingchoicesmessages.google.com levelflowtr.com
9 levelflowtr.com levelflowtr.com
3 pagead2.googlesyndication.com levelflowtr.com
pagead2.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cashflowtr.com 1 redirects
25 5

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
levelflowtr.com
GTS CA 1P5		 2024-02-04 -
2024-05-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://levelflowtr.com/
Frame ID: B710FFEE0C49101E27BDB49BD2F302B8
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: B154862E12691716E9599F268B5E425D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LevelflowTR

Page URL History Show full URLs

  1. http://cashflowtr.com/ HTTP 301
    https://levelflowtr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

25
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

843 kB
Transfer

2716 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cashflowtr.com/ HTTP 301
    https://levelflowtr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
levelflowtr.com/
Redirect Chain
  • http://cashflowtr.com/
  • https://levelflowtr.com/
17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db29298daa1e2b1df40b107cff10f01c7074d7db2922eebcebd5ca7457ba52b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85ea9542be3b6700-AMS
content-encoding
gzip
content-type
text/html
date
Sun, 03 Mar 2024 15:15:38 GMT
last-modified
Fri, 01 Mar 2024 20:38:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctVOIPESWYzklZnO%2Bpl6BKdRXWmA5sQAl2cgP%2F64uAxx6aOAgyF%2FOu7LElGXCxCDWCAEwPe8AJLCtHLuMlFdHrtjuASRv2C1zDQuvw5ihHsSpexGbJ4M3lkEZjuaU5i%2BNXxw4oGgwpffwqbck6A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
85ea95420cbcb956-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 03 Mar 2024 15:15:37 GMT
Expires
Sun, 03 Mar 2024 16:15:37 GMT
Location
https://levelflowtr.com
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9zvzdC4qhDpjEw2pwsrwXjzbEe5tC%2Bye3EEcHTWnpxhM7cW5D4APKyoxEOk2WDtodiCjIqbEqKaEqwvkBo%2BALckwMldseWsWMkNiYgMEwBIA9AkMmNT6xzwnFq2Jx8OyHbHeiJ8MGV17w2Hpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
156c764796c592ba648cabc2e63a0877c8cc8f05be1239a764dcbcd68050c81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
Origin
https://levelflowtr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50968
x-xss-protection
0
server
cafe
etag
11683604285347498965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 03 Mar 2024 15:15:38 GMT
pub-9422049964087743
fundingchoicesmessages.google.com/i/ 		183 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-9422049964087743?ers=1
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f366c2a65911ec6d06ef8a2461dc87d7a06f8bc0109590d99358321c098f9c01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--8-wsepv1Uk5PBmvReKFQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-security-policy
script-src 'report-sample' 'nonce--8-wsepv1Uk5PBmvReKFQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMWvFpPVsAg2dW6cwAgD-aCyq"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
index-7d4eca60.js
levelflowtr.com/assets/ 		1 MB
428 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/assets/index-7d4eca60.js
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0be6fd763f8a41a6e65026f294ba7795fd3548eceba0aee21f539ddea585fbd

Request headers

Referer
https://levelflowtr.com/
Origin
https://levelflowtr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 01 Mar 2024 20:38:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
147328
etag
W/"65e23caf-16a020"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgu0FgHI%2FFoHylHNA2p%2FiZHEXADJ3fZ%2FgbVfOm3y13zJ8YeFW7VIYvkaJJjDI1%2FnaIcoinPSDTzNY5GWURXSnFxcyfxvXZ1N8UP%2FFUakw1O%2BUhofoL5V8e%2BMcVxvxxRm4Gzq6utT64JdJUVXJhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
85ea9543d8a86700-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 31 Mar 2024 22:20:10 GMT
index-3cb65b76.css
levelflowtr.com/assets/ 		391 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/assets/index-3cb65b76.css
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb65b76f8a3e03601733d4f827f62dd1e8889ba1c38e452ca6330cb52a198bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Feb 2024 02:21:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
362387
etag
W/"65dd470e-61a4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzC%2BbsyjWJV8%2FlG1QnkIcAA1UEPQo%2FOUJ%2FVzf%2BSVPVhLzhGKjqf%2Bfb%2FGqpyddGC6N7Shb9n%2BWzejrW2IrVTjq617QPpR9SKYjhi%2Fq3R8q3EZVk%2FWhAVZAa%2FnuscM%2F%2F3VGC%2Bk6t4tQBwDpMcBIuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
85ea9543d8a56700-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 10:35:51 GMT
pub-9422049964087743
fundingchoicesmessages.google.com/b/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-9422049964087743
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af0d4395b49373346f37b8ccc85c97568a3c6f5289d4a507a6477eb83e402d9d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FgZ6neah2cPkp9knDzx7Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FgZ6neah2cPkp9knDzx7Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmJw0JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pJJ4OtLJgkg1gLiHT4eLHzrprOqALHh-umskUAc83w6awoQO6XPYA0BYp_6GaxxQCzEwzFrxaT1bAInfs_pZQQAOuwyTg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU0UqvMTlvn8QG3GiP7n5fKyy5RhfmMUHMQUn6scZDZKnKPFq5CGXgVSWJBPz-JWENYf_DtVmKqbRyrDn8Jhzg_PA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0UqvMTlvn8QG3GiP7n5fKyy5RhfmMUHMQUn6scZDZKnKPFq5CGXgVSWJBPz-JWENYf_DtVmKqbRyrDn8Jhzg_PA==
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UuvWDOeXG2e0LH9WWc0ufA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-UuvWDOeXG2e0LH9WWc0ufA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDMWvFpPVsAjOmzr7ECACKMxEC"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://levelflowtr.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
levelflowtr.com/socket.io/ 		118 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=Ou4ueSM
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-7d4eca60.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f92712236561bfe4aa84ba44691ec9dd23bfb8725a044dc7af08fc04a3c5eaa

Request headers

Accept
*/*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWbOX4r07FC3rSxQYxjyd9mJbMUs%2Bx1tZE72jbaH7QH1%2FB7nXdL%2BGwYAMq8GwvEAsZyjl%2BTprOgJITS74G5vaO7gKier9z0xiMEQffbhxpy%2F4JRgJOJgAJ%2BcgMJrCeMTyiSv4379OZXJJrrmL3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cache-control
no-store
cf-ray
85ea95450ce56654-AMS
alt-svc
h3=":443"; ma=86400
check-session
levelflowtr.com/api/auth/ 		18 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/api/auth/check-session
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-7d4eca60.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa06759da6af9878325a7b76e0c2a27516b85ca0022c140bd02d236e4ce81e5
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
18
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"12-5Ti4RxX6tW4QHCzTPHbTwIiTtA8"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
origin-agent-cluster
?1
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkvH63v5JyZtAep69zLHZGQTbkj8JoxRI%2FSqB7OE1ZBhv2LMUjBhWSuFJqbXvgbL8%2B9jpLXzLuB6RBAgufMF7JNQCdcE3jlEfgXA5IZsF8FxyWmPu%2FcWqWEFVfMG5D8o99jhaq7DbX2tezevIRA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
85ea95454d5b6654-AMS
AGSKWxXKL43faVX9XKGA98o9ShrnW1Pl0rWXAaje4oG2ZSrQAvUZOyNe5c7rHUuHrZgVpdtwTqvAQjuE0M8Jg9F9OTFjtGwjtcB4Kk9FUeO8ocAwJp8uM1n5b89g8x2GCnTKVhkozIjuAw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXKL43faVX9XKGA98o9ShrnW1Pl0rWXAaje4oG2ZSrQAvUZOyNe5c7rHUuHrZgVpdtwTqvAQjuE0M8Jg9F9OTFjtGwjtcB4Kk9FUeO8ocAwJp8uM1n5b89g8x2GCnTKVhkozIjuAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NDc4OTM4LDQ1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sZXZlbGZsb3d0ci5jb20vIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwibmwiXSxbMjAsIltudWxsLG51bGwsWzk1MzI1OTkxXSxudWxsLDE4XSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97e6755b327d3f258c4879788e4474bb8e2801abae0d1b816836863b7ec44bde
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VQNqZCtnGtYLJrs_Zi-U9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VQNqZCtnGtYLJrs_Zi-U9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMWvFpPVsAisWfW9gAgABjC0d"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9422049964087743&plah=levelflowtr.com&aplac=true&bust=31081511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4542be6d34279915b51d311f75691df3522580234e57b9fdcba43e52860b88e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140927
x-xss-protection
0
server
cafe
etag
12278117766881817223
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 15:15:38 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame B154 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
18952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 09:59:46 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 09:59:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
levelflowtr.com/socket.io/ 		2 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=Ou4ueUx&sid=UZKLaXoL5wtocwa5AABH
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-7d4eca60.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9YgYH5y6LA43IGgnyBdRuhx%2Fis6BzgGuJ9CaDxYEPeSW%2BbCIUdqsrqkysvdNnxl8oa4y2xhu6X8n50Nc0q9rFzOiUwVhx8y%2FGuEJHJdr2a608VSTSbMUOG8IL15phx%2BKqRQ%2BM1stsF5kf7oYsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-store
cf-ray
85ea95460e936654-AMS
alt-svc
h3=":443"; ma=86400
/
levelflowtr.com/socket.io/ 		32 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=Ou4ueUx.0&sid=UZKLaXoL5wtocwa5AABH
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-7d4eca60.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a14e6dc7efb47ac424051f5c4669a2658a77c066e3a5a92a938a167d462a5bf4

Request headers

Accept
*/*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BxmZS1COGMhLqgxeZz4wGYzEXl40c4St%2FibDp73MWtIuK7ZeVNa6sXFYxDRxGtukWiU9NASCph2mRJbPE3A4kM%2BXenXGune9ZxpTy%2FPLf6gtxMKBC6JCxsXsLyr95VtY9m3Ifoy%2B5RvoDoupe0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cache-control
no-store
cf-ray
85ea95460e976654-AMS
alt-svc
h3=":443"; ma=86400
content-length
32
/
levelflowtr.com/socket.io/ 		1 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=Ou4ueXJ&sid=UZKLaXoL5wtocwa5AABH
Requested by
Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-7d4eca60.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept
*/*
Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z929ot0sIApY%2BDnZetgi70ZJp8k120KQZ02HKnKy7n5KHerWWWVvphboK3wmM6CCkKAOJc32uv1DSm8IV7e4TYKEogevXbNMZs5oNBS%2BnBO1YBm9Ojs7p8BXLBD%2BtGdPYKfPQX1Ag59s5Vpovto%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cache-control
no-store
cf-ray
85ea9546f82e6654-AMS
alt-svc
h3=":443"; ma=86400
content-length
1
levelflowtr-mainwallpaper.webp
levelflowtr.com/assets/img/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levelflowtr.com/assets/img/levelflowtr-mainwallpaper.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ce704cf1b677a8be53ca97b36f0ae95c59a035828b684edf25bb1f66f9984c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:38 GMT
cf-cache-status
MISS
last-modified
Sat, 14 Oct 2023 18:05:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"652ad87c-15634"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wg06dXQQrOuXa3tb7SQUHp%2BkwzbV5zH5w%2B7JxCJ6DgDDXBQRcMRHXJy%2B%2BO%2F4UI1v5fIaTRXbZkiQlty4QZlq%2BlQcaEUS9%2BMLjBE6h%2BB2Mz%2F3sfjA8camMqlR7BaONvi6KrE%2BZF19lB%2BeckCO8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
85ea954718a56654-AMS
alt-svc
h3=":443"; ma=86400
content-length
87604
expires
Tue, 02 Apr 2024 15:15:38 GMT
get
fundingchoicesmessages.google.com/f/AGSKWxXpBdoIMjMcBxu5YFCY-aIR1aFMr6dDRlbgxtrfP3QWCOLT3nVPQzcZbozADie4mkx1YaTT9Od6yTU1HuRDIY_tDeMAxc24d5uEYI1k7OVZNP98m4RyKvhd1kuTyTFQlr4JNMUJ6XRhX-iK6bDlL-E-h-Y2Z... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXpBdoIMjMcBxu5YFCY-aIR1aFMr6dDRlbgxtrfP3QWCOLT3nVPQzcZbozADie4mkx1YaTT9Od6yTU1HuRDIY_tDeMAxc24d5uEYI1k7OVZNP98m4RyKvhd1kuTyTFQlr4JNMUJ6XRhX-iK6bDlL-E-h-Y2ZpdTHgwCSWKf61oUvMmJQbcV9tCtzwa3/_/adzbotm.-ads/get?/video_ad./adbug_.adserve.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzyN6Cc_VOTypYisgH6dRMTiXSc3Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1169d68f1d6fb1d2bee119530078e971188dbeb962196f8dc9b92e58e881eb2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZlPpURkVu5IVRm8k1kg7cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZlPpURkVu5IVRm8k1kg7cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTNMXvFpPVsAj8-HgoDANo5LWU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzyN6Cc_VOTypYisgH6dRMTiXSc3Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 09:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
21241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 09:21:38 GMT
AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VsNm7CfL1lO4SenIB1pWkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VsNm7CfL1lO4SenIB1pWkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNMXvFpPVsAhOufA4DAHkfEQ8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y8mTU98X6eR4pON-6FR95w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y8mTU98X6eR4pON-6FR95w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNMXvFpPVsAic-nk0CAHnpEUk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m3be_NNPYf0cvyrik1Pn2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-m3be_NNPYf0cvyrik1Pn2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNMXvFpPVsAh_-Hc0GAHkUEXY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXc8LbWWsfqWHx-WJc-vmXE8kU_ng_5pcvru9qeHwBoY0j4GVF61uiTrYUloccKCUwtQUerXVIhVXBHGwtA5IoycVZA63wFpb-mHjXQCAVVpe002t5__7JopcnnGKPhRob0W5ncyg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fAWZdeSlebJSFTEsPxW4hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fAWZdeSlebJSFTEsPxW4hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNMXvFpPVsAhsOzssCAHkqEN0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://levelflowtr.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVDWgFPoYPtNXULKm15syHK4YLLZ1BTqivZrjeuaHZkMWWdL7CtHtFYAJviwJ72itQ1_Y9ZdSfrpNWa_UFNO55qaBlgPX_wNIXI2MjJ8Fr8CnG_EUXp3NmJoVM3CJ9QUcHfBfTZaw==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVDWgFPoYPtNXULKm15syHK4YLLZ1BTqivZrjeuaHZkMWWdL7CtHtFYAJviwJ72itQ1_Y9ZdSfrpNWa_UFNO55qaBlgPX_wNIXI2MjJ8Fr8CnG_EUXp3NmJoVM3CJ9QUcHfBfTZaw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NDc4OTM5LDIwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGV2ZWxmbG93dHIuY29tL2xvZ2luIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwibmwiXSxbMjAsIltudWxsLG51bGwsWzk1MzI1OTkxXSxudWxsLDE4XSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6896498b148b794dc86120c4a4e296c97893e91fd9a10d6d7d7f2797fde2ef2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V8KbhiqP2T4OxGrUiqN4qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-V8KbhiqP2T4OxGrUiqN4qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMXvFpPVsAhOOvmhlBAABhy0e"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW2-7ejyaKd_-ldZycyzI-0tIb0Enm8lwYXU8BPrg1J_nORNn6YUmFhHsHnzc7_Uu1rnAK7d1_VAI4Y2NArhhYMVHGWPB2sdEQnrfJO_KXCzUs4nqUapqay1ehr9QC9KEcDkre2LA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW2-7ejyaKd_-ldZycyzI-0tIb0Enm8lwYXU8BPrg1J_nORNn6YUmFhHsHnzc7_Uu1rnAK7d1_VAI4Y2NArhhYMVHGWPB2sdEQnrfJO_KXCzUs4nqUapqay1ehr9QC9KEcDkre2LA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NDc4OTM5LDI5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGV2ZWxmbG93dHIuY29tL2xvZ2luIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwibmwiXSxbMjAsIltudWxsLG51bGwsWzk1MzI1OTkxXSxudWxsLDE4XSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7add41cc03105d7b1eced874297a0f3e0e03024c7ab2ebc8d949ec9ba569eb2e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-y6riTBTYBRtM3gPg1n7i5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://levelflowtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-y6riTBTYBRtM3gPg1n7i5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMXvFpPVsAg3Lnu1gBAAEiy0o"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVc_PLVZljmwrt6EoVvKHYsMfNq9eEuEBwJZ0jGqI2mD1wcS1rPIJIr2-GrJHIhW23yGNutfLLike6Uu1fFOHBrCdEwHeDKGl8z6hvsfbIUD3flrj7Dd9eyj6n-Mf-qhp6UXZjuqA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVc_PLVZljmwrt6EoVvKHYsMfNq9eEuEBwJZ0jGqI2mD1wcS1rPIJIr2-GrJHIhW23yGNutfLLike6Uu1fFOHBrCdEwHeDKGl8z6hvsfbIUD3flrj7Dd9eyj6n-Mf-qhp6UXZjuqA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMy1IAN4jOEtIpqcXKMAogmmqiUUoQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XKzM4UJ6WwJEIU065GN5UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://levelflowtr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Mar 2024 15:15:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-XKzM4UJ6WwJEIU065GN5UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDMXvFpPVsAjum7TrNCACH9REq"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://levelflowtr.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| __h82AlnkH6D91__ function| __p4qa8r1lb17__ string| cHViLTk0MjIwNDk5NjQwODc3NDM= object| FontAwesomeConfig object| ___FONT_AWESOME___ function| momentDurationFormatSetup number| uidEvent object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ggeac string| ZmZlNzJkY2QyOTNhYWU5OWxvYWRlcl9qcw== string| ZmZlNzJkY2QyOTNhYWU5OWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| google_empty_script_included boolean| ecbf53fe-4d53-4c1c-8c49-e48bebbccc60

2 Cookies

Domain/Path Name / Value
levelflowtr.com/ Name: sid
Value: s%3AiVih7hLb1x2saoex8Tt2XIYOSA0ytbgH.0ie2%2FtgAcc2B7O5vwJszdGpns1NLDJHuPLvkjSEFkS8
.levelflowtr.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8GIHP-zgOgs1Ekg2YavLya4eJ9NWfSOWgFSifYxHm4yLhr7vJ7d6Or8yzn1r7C7UnifhPP86A1WBgTSEFNBvDgP31MSsWwj71zjW3YrfpvUpyJ7eD5kPatKf7TbbtWFCKwB4wKjDz2YyhabgwIO4Kcro2kRQ%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cashflowtr.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
levelflowtr.com
pagead2.googlesyndication.com
2606:4700:3033::6815:2c64
2a00:1450:4001:806::200e
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a06:98c1:3120::3
156c764796c592ba648cabc2e63a0877c8cc8f05be1239a764dcbcd68050c81a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3cb65b76f8a3e03601733d4f827f62dd1e8889ba1c38e452ca6330cb52a198bf
7add41cc03105d7b1eced874297a0f3e0e03024c7ab2ebc8d949ec9ba569eb2e
8aa06759da6af9878325a7b76e0c2a27516b85ca0022c140bd02d236e4ce81e5
8f92712236561bfe4aa84ba44691ec9dd23bfb8725a044dc7af08fc04a3c5eaa
97e6755b327d3f258c4879788e4474bb8e2801abae0d1b816836863b7ec44bde
a14e6dc7efb47ac424051f5c4669a2658a77c066e3a5a92a938a167d462a5bf4
a7ce704cf1b677a8be53ca97b36f0ae95c59a035828b684edf25bb1f66f9984c
af0d4395b49373346f37b8ccc85c97568a3c6f5289d4a507a6477eb83e402d9d
c1169d68f1d6fb1d2bee119530078e971188dbeb962196f8dc9b92e58e881eb2
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d0be6fd763f8a41a6e65026f294ba7795fd3548eceba0aee21f539ddea585fbd
d4542be6d34279915b51d311f75691df3522580234e57b9fdcba43e52860b88e
d6896498b148b794dc86120c4a4e296c97893e91fd9a10d6d7d7f2797fde2ef2
db29298daa1e2b1df40b107cff10f01c7074d7db2922eebcebd5ca7457ba52b8
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
f366c2a65911ec6d06ef8a2461dc87d7a06f8bc0109590d99358321c098f9c01