levelflowtr.com
2606:4700:3033::6815:2c64
Public Scan
Effective URL: https://levelflowtr.com/
Submission: On January 18 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on December 7th 2023. Valid for: 3 months.
This is the only time levelflowtr.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:3031::ac43:c688 | 13335 (CLOUDFLARENET) |
9 | 2606:4700:3033::6815:2c64 | 13335 (CLOUDFLARENET) |
3 | 2a00:1450:4001:831::2002 | 15169 (GOOGLE) |
12 | 2a00:1450:4001:830::200e | 15169 (GOOGLE) |
1 | 2a00:1450:4001:828::2002 | 15169 (GOOGLE) |
25 | 4 |
ASN15169 (GOOGLE, US): pagead2.googlesyndication.com
ASN15169 (GOOGLE, US): fundingchoicesmessages.google.com
ASN15169 (GOOGLE, US): googleads.g.doubleclick.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | google.com | fundingchoicesmessages.google.com (Cisco Umbrella Rank: 1143) | 75 KB |
10 | levelflowtr.com (1 redirects) | levelflowtr.com | 556 KB |
3 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 110) | 217 KB |
1 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 38) | 4 KB |
25 | 4 |
Requests | Domain | Requested by |
---|---|---|
12 | fundingchoicesmessages.google.com | levelflowtr.com |
10 | levelflowtr.com | 1 redirects levelflowtr.com |
3 | pagead2.googlesyndication.com | levelflowtr.com, pagead2.googlesyndication.com |
1 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
25 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
levelflowtr.com | GTS CA 1P5 | 2023-12-07 - 2024-03-06 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
This page contains 2 frames:
Primary Page:
https://levelflowtr.com/
Frame ID: D3C95C9BC4C1825EFF724CE7A68463FE
Requests: 24 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/zrt_lookup_fy2021.html
Frame ID: 3AE506B0D688C230011FA5862D59526F
Requests: 1 HTTP requests in this frame
Page Title
LevelflowTR
Detected technologies
Detected patterns
- googlesyndication\.com/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://levelflowtr.com/ HTTP 301
- https://levelflowtr.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / levelflowtr.com/ (Primary Request, Redirect Chain) | 17 KB 8 KB | Document text/html |
GET H2 | adsbygoogle.js pagead2.googlesyndication.com/pagead/js/ | 146 KB 50 KB | Script text/javascript |
GET H2 | pub-9422049964087743 fundingchoicesmessages.google.com/i/ | 182 KB 60 KB | Script application/javascript |
GET H2 | index-9898869f.js levelflowtr.com/assets/ | 1 MB 409 KB | Script application/javascript |
GET H2 | index-bf713fa6.css levelflowtr.com/assets/ | 389 KB 50 KB | Stylesheet text/css |
GET H2 | pub-9422049964087743 fundingchoicesmessages.google.com/b/ | 11 KB 6 KB | Script application/javascript |
GET H3 | / levelflowtr.com/socket.io/ | 118 B 593 B | XHR text/plain |
GET H3 | check-session levelflowtr.com/api/auth/ | 18 B 1 KB | XHR application/json |
GET H3 | AGSKWxU0UqvMTlvn8QG3GiP7n5fKyy5RhfmMUHMQUn6scZDZKnKPFq5CGXgVSWJBPz-JWENYf_DtVmKqbRyrDn8Jhzg_PA== fundingchoicesmessages.google.com/el/ | 0 28 B | XHR text/html |
GET H2 | AGSKWxXfwK8jB0WqaOz5c_pHO0Sy7JlC7H6xVHVDcYTF2JIF-I8tNaeuWO2UTHKkaxpGYlJGEa24J2v_ZTK3t_nrDyaa1-W2TSuEYw4Hyz7wPa8hcAinFyTHQpoLFpwgHE7YagjcCbbaQQ== fundingchoicesmessages.google.com/f/ | 10 KB 5 KB | Script application/javascript |
GET H3 | show_ads_impl_with_ama_fy2021.js pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ | 402 KB 136 KB | Script text/javascript |
GET H2 | zrt_lookup_fy2021.html googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/ (Frame 3AE5) | 9 KB 4 KB | Document text/html |
POST H3 | / levelflowtr.com/socket.io/ | 2 B 446 B | XHR text/html |
GET H3 | / levelflowtr.com/socket.io/ | 32 B 462 B | XHR text/plain |
GET H3 | levelflowtr-mainwallpaper.webp levelflowtr.com/assets/img/ | 86 KB 86 KB | Image image/webp |
GET H3 | / levelflowtr.com/socket.io/ | 1 B 428 B | XHR text/plain |
GET H3 | ads_.adforge. fundingchoicesmessages.google.com/f/AGSKWxVkGWtuVKvLZjWGQrCnm2Ii4vXlgpQC9A3o-pnYaM8T5Fk6-LxU1_RL3mPuGhPmqomA1utOqiQp0UYAwr6sX7MWqHNGxdo3D3ttU-H2MzwxJ7CF7RGifDP4hRG852FP-V2oa7Nj4Z7Lb-jZbPONfnO0dB1Tn... | 54 B 109 B | Script application/javascript |
GET H3 | lidar.js pagead2.googlesyndication.com/pagead/js/ | 86 KB 30 KB | Script text/javascript |
POST H3 | AGSKWxXzyAq3_TlFylB6xMUPT0ufvoNjbq3eHtGcNVBe-pQU26G-fIwp6q-fQrXLvr1rjJ5rAtnLuvXi2gp_MwR3lLQZS799-c2HRq6C3W5gSx_fur3hssFSth4jnjwz0Yq37-el_Nnt_w== fundingchoicesmessages.google.com/el/ | 0 28 B | XHR text/html |
POST H3 | AGSKWxXzyAq3_TlFylB6xMUPT0ufvoNjbq3eHtGcNVBe-pQU26G-fIwp6q-fQrXLvr1rjJ5rAtnLuvXi2gp_MwR3lLQZS799-c2HRq6C3W5gSx_fur3hssFSth4jnjwz0Yq37-el_Nnt_w== fundingchoicesmessages.google.com/el/ | 0 28 B | XHR text/html |
POST H3 | AGSKWxXzyAq3_TlFylB6xMUPT0ufvoNjbq3eHtGcNVBe-pQU26G-fIwp6q-fQrXLvr1rjJ5rAtnLuvXi2gp_MwR3lLQZS799-c2HRq6C3W5gSx_fur3hssFSth4jnjwz0Yq37-el_Nnt_w== fundingchoicesmessages.google.com/el/ | 0 28 B | XHR text/html |
POST H3 | AGSKWxXzyAq3_TlFylB6xMUPT0ufvoNjbq3eHtGcNVBe-pQU26G-fIwp6q-fQrXLvr1rjJ5rAtnLuvXi2gp_MwR3lLQZS799-c2HRq6C3W5gSx_fur3hssFSth4jnjwz0Yq37-el_Nnt_w== fundingchoicesmessages.google.com/el/ | 0 28 B | XHR text/html |
GET H3 | AGSKWxWezMa_HKJDueXjAqDs69iyULMOViLbvu8ECegJQVS6G-ZJXG6r5U0SwIPwgHmiv5XAD9NlelHmGHAqdl83CG_cB5rcFhW40eiVElApX1EQDJCYzvA8x2ZqzwobHEm1F-KlDagaEw== fundingchoicesmessages.google.com/f/ | 5 KB 2 KB | Script application/javascript |
GET H3 | AGSKWxXANSNxQJazGlf8dlEITgexCqCMmSbZwnc1EbT9eassstcr89yj5HPt2nltveL0qF68XfaLyGyaeFlcs5mquLf8fifKh1H94XUVMq9U2IaWHTam4u-k4Wq_18M70-vUaF0BRJDXmA== fundingchoicesmessages.google.com/f/ | 3 KB 2 KB | Script application/javascript |
POST H3 | AGSKWxWFAgdeVBNDwI21-xyqgk3yXNI1nuFzbM84Yv7ksyVkPKchXIwt9MqVs5qqJV-IIQG6Z6_OOO5AwFqDdv-8CPE1eClY7dt3o2zBtSYN2EViIvNZAOtLO7guMN6ZyV9S58Ct1mLVCw== fundingchoicesmessages.google.com/el/ | 0 28 B | XHR text/html |
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| 3
- object| 4
- object| 5
- object| 6
- function| __h82AlnkH6D91__
- object| FontAwesomeConfig
- object| ___FONT_AWESOME___
- function| momentDurationFormatSetup
- number| uidEvent
- function| __p4qa8r1lb17__
- string| cHViLTk0MjIwNDk5NjQwODc3NDM=
- object| default_ContributorServingResponseClientJs
- object| _F_toggles
- object| __googlefc
- string| __fcInvoked
- string| __fcexpdef
- object| ggeac
- string| ZmZlNzJkY2QyOTNhYWU5OWxvYWRlcl9qcw==
- string| ZmZlNzJkY2QyOTNhYWU5OWNhY2hlZF9qcw==
- object| googlefc
- object| __fcInternalApiManager
- boolean| __fcInternalApiPostMessageReady
- object| __tcfapiEventListeners
- function| __tcfapi
- object| __tcfapiManager
- boolean| __tcfapiPostMessageReady
- function| __uspapi
- object| __uspapiManager
- boolean| __uspapiPostMessageReady
- object| __gppEventListeners
- function| __gpp
- object| __gppManager
- boolean| __gppPostMessageReady
- object| google_js_reporting_queue
- number| google_srt
- object| google_persistent_state_async
- object| google_logging_queue
- number| tmod
- object| google_ad_modifications
- boolean| google_measure_js_timing
- object| google_tag_data
- object| google_reactive_ads_global_state
- object| adsbygoogle
- object| google_sa_queue
- function| google_process_slots
- function| google_spfd
- number| google_unique_id
- object| google_sv_map
- number| google_rum_task_id_counter
- string| google_user_agent_client_hint
- function| google_sa_impl
- number| __google_lidar_
- function| __google_lidar_radf_
- boolean| 51300848-b27b-4486-b659-620bb16afba8

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
levelflowtr.com/ | Name: sid Value: s%3ANkEEeZ6Kjwi6fFTcYMvdhoPaoQSnoxqd.zniGaIRfOEGWUHWgq095fpExfow6B8Q8G07qMdRUMc0 |
.levelflowtr.com/ | Name: FCNEC Value: %5B%5B%22AKsRol_RN6wqiG3Q9dwBhkZb9T38NI3evfV8vfkL0MNzeBEAvQOgimj4XDuN8S7x6ykteS-gH3wmUrMIuCFsly74NRyFREUo08F8r15fN9OxlWaxFOpffYAe42PBrbWjZ3XdyCKWrk1V7q2qScHkwHtaGT1qly_nlA%3D%3D%22%5D%5D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.