levelflowtr.com Open in urlscan Pro
172.67.198.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://levelflowtr.com/
Effective URL:
https://levelflowtr.com/
Submission: On June 25 via api (June 25th 2024, 8:52:48 pm UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 172.67.198.136, located in United States and belongs to CLOUDFLARENET, US. The main domain is levelflowtr.com.
TLS certificate: Issued by GTS CA 1P5 on June 1st 2024. Valid for: 3 months.

This is the only time levelflowtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	172.67.198.136 172.67.198.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
9	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
26	4

11 172.67.198.136 (United States)

ASN13335 (CLOUDFLARENET, US)

levelflowtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744	81 KB
11	levelflowtr.com levelflowtr.com	574 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137	249 KB
26	3

	Domain	Requested by
12	fundingchoicesmessages.google.com	levelflowtr.com
11	levelflowtr.com	levelflowtr.com
3	pagead2.googlesyndication.com	levelflowtr.com pagead2.googlesyndication.com
26	3

This site contains links to these domains. Also see Links.

Domain
discord.gg

Subject Issuer	Validity	Valid
levelflowtr.com GTS CA 1P5	`2024-06-01` - `2024-08-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://levelflowtr.com/
Frame ID: 5BC10AB23F142E7DF0F4868604EFCEB2
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LevelflowTR

Page URL History Show full URLs

http://levelflowtr.com/ HTTP 307
https://levelflowtr.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

26
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

903 kB
Transfer

2934 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/p6CYt33yKw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://levelflowtr.com/ HTTP 307
https://levelflowtr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
levelflowtr.com/
Redirect Chain

http://levelflowtr.com/
https://levelflowtr.com/

17 KB
8 KB

158ms
89ms

Document
text/html

172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e31270ec882b8613e6c3747d0248793bec1670870f549d777a9d770912741c7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8997d7c62e722bc7-FRA
content-encoding: br
content-type: text/html
date: Tue, 25 Jun 2024 20:52:42 GMT
last-modified: Wed, 29 May 2024 12:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaVg9DzvL%2Bklmt%2F58fwqhxGPCM208If9BPA0k6pTyIx0udqXub3X0fpcFZGjo9p9wlUhd7Dxwgn0Ln5lMma8p94jQ8AKQBrzffTMDgDsBr8FQuenbcuDIikgt8T9MvwXtKg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://levelflowtr.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 163ms
84ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743

Requested by

Host: levelflowtr.com
URL: https://levelflowtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1e684df50cedabb69bf5be70c58051cf3d1b4d842182490623b0ac472d5bf645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Origin: https://levelflowtr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52860
x-xss-protection: 0
server: cafe
etag: 3993740962150026711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 25 Jun 2024 20:52:42 GMT

GET
H2 200 pub-9422049964087743 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 165ms
67ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-9422049964087743?ers=1

Requested by

Host: levelflowtr.com
URL: https://levelflowtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8ce5aaef86e752220c1f1a1640ef8be49dcb75f0fa1139c41f309113a322886

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Teg5lucAZLGWjJR3d4dIYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Teg5lucAZLGWjJR3d4dIYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLhmHXnzWY2gQtn__5jUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDMy0TMwii8wAAAmLDrj"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index-20b3cb30.js Show response
levelflowtr.com/assets/ 1 MB
424 KB 160ms
159ms Script
application/javascript 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/assets/index-20b3cb30.js
Requested by: Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99b1b33cb31a5dd906e8a100f2a87e87a4d3511471f7217f6e4695b8ccc7dbf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Origin: https://levelflowtr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 May 2024 12:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66571cd4-16da8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98oWny2WZv2F9qNpKilhEv2WSXURTeF3gADfU133uEABPSWDOZG6eei3%2BsZDVNRSBGCliC6kZKfxAA%2BrM28QWlMf27jOvSybJ5tmCN%2FtPH3IbQJzOf%2BaQi9YhbcePV1GaOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 8997d7c6cf552bc7-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 20:52:42 GMT

GET
H3 200 index-9a9119ef.css
levelflowtr.com/assets/ 391 KB
52 KB 119ms
119ms Stylesheet
text/css 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/assets/index-9a9119ef.css
Requested by: Host: levelflowtr.com
URL: https://levelflowtr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a9119ef06af23c139a6959c64c9722242e9d509664ba67aec8a31632a7794a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 May 2024 12:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66571cd4-61a9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FxqILfxWlwnjeF3HCR5FRN9U7FNfbVPJKOv1tLtHj%2F2xxjk%2Bqc7ipM48hfgHP4W0KUKtV4y0kvRKd623Gblg4N1bZAVnDDFVbZVnxMSfALEUWe8k9DkIcppZoD9Kuzi168%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8997d7c6cf592bc7-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 20:52:42 GMT

GET
H2 200 pub-9422049964087743 Show response
fundingchoicesmessages.google.com/b/ 10 KB
6 KB 147ms
60ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-9422049964087743

Requested by

Host: levelflowtr.com
URL: https://levelflowtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d0bd23df2bf537a3f6a1580e1dfa25e9d57653ec9e93fcd0ff8ed73b01fd7a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hOMbo5pbEBsXwo2FBis3Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-hOMbo5pbEBsXwo2FBis3Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1ZBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJV5kPfj4IutJIBbi4Zh1581mNoEFf67-YlLSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTAzMtEzMIovMAAAxRA_vg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 AGSKWxU0UqvMTlvn8QG3GiP7n5fKyy5RhfmMUHMQUn6scZDZKnKPFq5CGXgVSWJBPz-JWENYf_DtVmKqbRyrDn8Jhzg_PA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 134ms
51ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU0UqvMTlvn8QG3GiP7n5fKyy5RhfmMUHMQUn6scZDZKnKPFq5CGXgVSWJBPz-JWENYf_DtVmKqbRyrDn8Jhzg_PA==

Requested by

Host: levelflowtr.com
URL: https://levelflowtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-irHybRT1ENKCmc_GA4JBxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-irHybRT1ENKCmc_GA4JBxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzHrzpvNbAIvfv7fy6zkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjEz0DMziCwwAoe8s2Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://levelflowtr.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406200101/ 431 KB
146 KB 226ms
97ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9422049964087743&plah=levelflowtr.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9422049964087743

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

60d5919c711dfd6efc99a105fdba0e4d01a0f6d0fc3d83fa8c3764630a3e1a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149065
x-xss-protection: 0
server: cafe
etag: 11486820877744205439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Jun 2024 20:52:43 GMT

GET
H2 200 AGSKWxXRjJYU38NEU-27KKgTv97KmNf70LpBvj2YRz1vw0Q-QfBuraKaUdyIrZMpVVrgNb241k591C9tr0vWr4fWYrW0Bq2rD9Qtf6uL9OlLuyb65JaRdcQslJLXR1FMCr7Hd0q6pyj1zA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 94ms
93ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXRjJYU38NEU-27KKgTv97KmNf70LpBvj2YRz1vw0Q-QfBuraKaUdyIrZMpVVrgNb241k591C9tr0vWr4fWYrW0Bq2rD9Qtf6uL9OlLuyb65JaRdcQslJLXR1FMCr7Hd0q6pyj1zA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5MzQ4NzYyLDkzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sZXZlbGZsb3d0ci5jb20vIixudWxsLFtbOCwiUTlDY1ZPZFBSakUiXSxbOSwiZGUiXSxbMjIsImZhbHNlIl0sWzE5LCIxIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMy4x_pq4jiqk9c5mZ-HoD2H-2-3NA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be85385444b3dd02627ef27593e9127a7fade5a1b79ad21322f3e5cf68167ade

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o6uxvn6PBuKzM8K2MYYTJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-o6uxvn6PBuKzM8K2MYYTJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLhmHXnzWY2gQNN928zK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6BkYxRcYAAANuzpO"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
levelflowtr.com/socket.io/ 118 B
519 B 68ms
68ms XHR
text/plain 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=P1HB1gt
Requested by: Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20b3cb30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d9b17aff5e6522484d26e66b45d705d37d7f8d13f399d7387ade140c3239574

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67M02q887YUbTrSZGHFQqeyGiXFXpG%2BPLmdXQ1xhWJMmNnj3sFJvpmBvzyObVE2SrMBqsOwX9mG3Yyh1sMqFEMwzO0D9%2BBsfLe0%2FDwwUGG9PiijyAyMT6oJxNbszeVdgIxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: no-store
cf-ray: 8997d7cadcf32bc7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 check-session Show response
levelflowtr.com/api/auth/ 18 B
1 KB 195ms
195ms XHR
application/json 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://levelflowtr.com/api/auth/check-session

Requested by

Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20b3cb30.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa06759da6af9878325a7b76e0c2a27516b85ca0022c140bd02d236e4ce81e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"12-5Ti4RxX6tW4QHCzTPHbTwIiTtA8"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://levelflowtr.com
origin-agent-cluster: ?1
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFu7Ddz6aLqa7159CAGRonCdiDN9yYSnAqKfyxZlmVxaHbnnSbVA7NUNRbtIBY5YZPQZDggdj4TV%2F9%2FjtTskALYSh5fWcErbGaVH0gTqfOhzz14vzgBx2NzPUIlDK%2FHRC9Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8997d7cb1d3e2bc7-FRA

GET
H3 200 vite.svg
levelflowtr.com/ 994 B
1017 B 88ms
88ms Other
image/svg+xml 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/vite.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2e447e311b2e451f15cb3d5c3fede4a1960879cb8febd043d12995a1641a32

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 07:08:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6528ecf5-3e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uh3z47vqD3ycwta%2Fb2X3%2FWNQ0I2nUWf9GzT7gkzoAiJmNcjiVByghzs%2FniaMTkd2lt7ahFz6F3xR2nKocunN7aTmR6BC6y2L59%2B8cj2Osniz%2FD4sH2Va4ZsMPiVgHLhizxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8997d7cb1d422bc7-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 / Show response
levelflowtr.com/socket.io/ 2 B
406 B 96ms
96ms XHR
text/html 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=P1HB1h-&sid=xw-NuKDNwdZI2_cHAAKa
Requested by: Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20b3cb30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: text/plain;charset=UTF-8
Accept: */*
Referer: https://levelflowtr.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iIwTh2tBzFveSfot3ZyCMvnXSDdbCDlPo%2FQwRoGMq8rqhgPFMvsnFmbAAZn4gUgD2kVdo%2B479ikqjY4QByfqM%2BRIEYk2RlzeNQJB8474r84Mh67StUdhRSSc%2BKyg43NzbQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-store
cf-ray: 8997d7cb4d872bc7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
levelflowtr.com/socket.io/ 32 B
445 B 84ms
84ms XHR
text/plain 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=P1HB1h_&sid=xw-NuKDNwdZI2_cHAAKa
Requested by: Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20b3cb30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da172e65e798709775befca2ad2c91648906151fec2949752059ad185259fc28

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjtNcXqZfbzhF0zX%2B3KPlQs%2Bw5tVQtbj6ti5Ol8J%2BEjnqRFlYSFpc2L8MK%2BTKfuYqixy8OOjIOJA9oAFqkRjRP1cztuZjlhWXog2wBwbtJpgWmgkwx6XBsYvyw22oFMxr14%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: no-store
cf-ray: 8997d7cb4d8c2bc7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32

GET
H3 200 / Show response
levelflowtr.com/socket.io/ 1 B
412 B 257ms
257ms XHR
text/plain 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/socket.io/?EIO=4&transport=polling&t=P1HB1jL&sid=xw-NuKDNwdZI2_cHAAKa
Requested by: Host: levelflowtr.com
URL: https://levelflowtr.com/assets/index-20b3cb30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1dII%2BItGS3Jrmw4SOfDPIxxV95EvR1Kk4gnH0HY0tGBsgwFTEx3Y6XPDmjp4gpYz9P30B1oYq9mfq1lSPLU%2FK9l2F8UB%2BkgWuFhE2ogA4zrO3hUfyxKB0TUYAY6tyzJab7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: no-store
cf-ray: 8997d7cbde1b2bc7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1

GET
H3 200 levelflowtr-mainwallpaper.webp
levelflowtr.com/assets/img/ 86 KB
86 KB 108ms
107ms Image
image/webp 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://levelflowtr.com/assets/img/levelflowtr-mainwallpaper.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ce704cf1b677a8be53ca97b36f0ae95c59a035828b684edf25bb1f66f9984c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
cf-cache-status: MISS
last-modified: Sat, 14 Oct 2023 18:05:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652ad87c-15634"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2Fs%2Braj%2FaX6035UxVInDR7HFD3HLOwmtvTQZAgDT%2ByUH8NGC2z56cXqWntGDH1V8607bWy%2FJA%2Fndv4k%2FZjKQkL0WrCxL2XDXWw%2FeaAGSCYNgLw8Esy1rRlXSbKIa1Y4uqww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8997d7cc7ed92bc7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 87604
expires: Thu, 25 Jul 2024 20:52:43 GMT

GET
H3 200 vite.svg
levelflowtr.com/ 994 B
0 0ms
0ms Other
image/svg+xml 172.67.198.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelflowtr.com/vite.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2e447e311b2e451f15cb3d5c3fede4a1960879cb8febd043d12995a1641a32

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 07:08:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6528ecf5-3e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uh3z47vqD3ycwta%2Fb2X3%2FWNQ0I2nUWf9GzT7gkzoAiJmNcjiVByghzs%2FniaMTkd2lt7ahFz6F3xR2nKocunN7aTmR6BC6y2L59%2B8cj2Osniz%2FD4sH2Va4ZsMPiVgHLhizxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8997d7cb1d422bc7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 exitpopup. Show response
fundingchoicesmessages.google.com/f/AGSKWxWNaAJ3E7o9a1DPF8WtCXJPMEy7sbL-mdkjDTA5tKS7z519f7e4ff6aT4bBnqbPP1J99Zl1Sl46trEcuA_8mZnrcd-sy9nuRbJ3Q04X2NYhOikPQWiGeE4bQNO5efS3if7qSOQPP_RHZJ-wqAl-29XhgnW0m... 54 B
109 B 53ms
53ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWNaAJ3E7o9a1DPF8WtCXJPMEy7sbL-mdkjDTA5tKS7z519f7e4ff6aT4bBnqbPP1J99Zl1Sl46trEcuA_8mZnrcd-sy9nuRbJ3Q04X2NYhOikPQWiGeE4bQNO5efS3if7qSOQPP_RHZJ-wqAl-29XhgnW0mNUAgMYiy-hs-2PqK9YAL6CyKluOp_AD/_/adx/iframe./MonsterAd-/cnnslads./180x150-/exitpopup.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q9CcVOdPRjE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzjk_zm6kJ0SQhYd1cAPH3RMu_Pqg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

c2477205e69f94ac288f176452e2d6ddf27486c0ccab7851842e71c7840f674e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-j5CxqIX06uxEf2G810Qp9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-j5CxqIX06uxEf2G810Qp9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLhmH3nzWY2gR27u44xKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6BkYxRcYAAD8tzoH"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 83ms
83ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b1e487f4ac13b8a25c767f0653a14c91e60e36658768b49adbe5b19dc9140971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52825
x-xss-protection: 0
server: cafe
etag: 519697589752255271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 25 Jun 2024 20:52:43 GMT

POST
H3 204 AGSKWxWSMxdyYb8AkJmkuoCzZBVT3crLR01YUI8RaZFQFLxw38AdXueAKp1WOyGORjl9HDG1rehxyvnefPkZd7gDklKQ0Qep0cp3kgPEooiVUfxXI0EE4UD627ZVA1-6N3cQc3hb81owkQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 76ms
76ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSMxdyYb8AkJmkuoCzZBVT3crLR01YUI8RaZFQFLxw38AdXueAKp1WOyGORjl9HDG1rehxyvnefPkZd7gDklKQ0Qep0cp3kgPEooiVUfxXI0EE4UD627ZVA1-6N3cQc3hb81owkQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sK785QJ9LBZEeLrrfaLMUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-sK785QJ9LBZEeLrrfaLMUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzH7zpvNbAI_tjRcZFJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRiZ6BmbxBQYAcRAsMg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://levelflowtr.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSMxdyYb8AkJmkuoCzZBVT3crLR01YUI8RaZFQFLxw38AdXueAKp1WOyGORjl9HDG1rehxyvnefPkZd7gDklKQ0Qep0cp3kgPEooiVUfxXI0EE4UD627ZVA1-6N3cQc3hb81owkQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-43rhxqdWdE6-wnrVNi0D9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-43rhxqdWdE6-wnrVNi0D9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzH7zpvNbAIH9s9-wKTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjEz0DMziCwwAcKEsMQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://levelflowtr.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSMxdyYb8AkJmkuoCzZBVT3crLR01YUI8RaZFQFLxw38AdXueAKp1WOyGORjl9HDG1rehxyvnefPkZd7gDklKQ0Qep0cp3kgPEooiVUfxXI0EE4UD627ZVA1-6N3cQc3hb81owkQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-23LeWWmWzHSYGQLc9JpYlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-23LeWWmWzHSYGQLc9JpYlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzH7zpvNbAILps_qZlZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRiZ6BmbxBQYASscrpA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://levelflowtr.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSMxdyYb8AkJmkuoCzZBVT3crLR01YUI8RaZFQFLxw38AdXueAKp1WOyGORjl9HDG1rehxyvnefPkZd7gDklKQ0Qep0cp3kgPEooiVUfxXI0EE4UD627ZVA1-6N3cQc3hb81owkQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-64wDH-judjEweb5cK_6H0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-64wDH-judjEweb5cK_6H0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzH7zpvNbAITnkzoZlZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRiZ6BmbxBQYAUZ8rxQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://levelflowtr.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXTEEGvg-HIHYg4HD3yyD6PolgeOU0XAlaSNRSm93NMgENTQMORF-oe4LRNpWHWjwH8Mrqc8nhlncMiYnw0Z3wESmijKJyHQA1Wb1kHRCrE4q0_mhO7Y7KHYK0rs7cXnbJBQwyK8Q== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 108ms
107ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXTEEGvg-HIHYg4HD3yyD6PolgeOU0XAlaSNRSm93NMgENTQMORF-oe4LRNpWHWjwH8Mrqc8nhlncMiYnw0Z3wESmijKJyHQA1Wb1kHRCrE4q0_mhO7Y7KHYK0rs7cXnbJBQwyK8Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5MzQ4NzYzLDgwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGV2ZWxmbG93dHIuY29tL2xvZ2luIixudWxsLFtbOCwiUTlDY1ZPZFBSakUiXSxbOSwiZGUiXSxbMjIsImZhbHNlIl0sWzE5LCIxIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

8b1a21344b286c0a0aaaa0279b77f4995ba98f3b45c3f3e784413c4b4ffaceb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aiEnkijkmfFXyXYynCF5qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-aiEnkijkmfFXyXYynCF5qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1JBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJV5kPfj4IutJIBbi4Zh9581mNoENj-cuY1bSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTAzMtEzMIovMAAArco_Lw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWRz9IR483t5_HKnuWHMj4e_9iksexKtsd7xr7Qb0k5Zn1ZWPlI2F9Ejua3g93uOsmYbAOWoi4swXM2GTNjVYg4r0iH3oig84ZhRV8nBVUuteuxfMP2ohpa60Q3HDkCQX1kpeXeTg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 110ms
110ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWRz9IR483t5_HKnuWHMj4e_9iksexKtsd7xr7Qb0k5Zn1ZWPlI2F9Ejua3g93uOsmYbAOWoi4swXM2GTNjVYg4r0iH3oig84ZhRV8nBVUuteuxfMP2ohpa60Q3HDkCQX1kpeXeTg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5MzQ4NzYzLDkxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGV2ZWxmbG93dHIuY29tL2xvZ2luIixudWxsLFtbOCwiUTlDY1ZPZFBSakUiXSxbOSwiZGUiXSxbMjIsImZhbHNlIl0sWzE5LCIxIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

9b8b081d70275aefef850b21458f63aa550ecdf55ea9efedf4619fab4fdc872b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q_DYbkb31HVWtoTLaTvasQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 20:52:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-Q_DYbkb31HVWtoTLaTvasQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLimHPnzWY2gQV37JU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMyMTPQMjOILDACAQTkK"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVBZpjFUYSC2dCYI7repY2E7g4FsqaoriBX03ppvlYnUCW479TPx0LgkOsRHNcg-eIsd38Q9iL38RkCSGL-glMSoQDbcZKzpXYXdZndy6pCdGJSNHbU10tbIajVZH_EsyjRHK0NBw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 51ms
51ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVBZpjFUYSC2dCYI7repY2E7g4FsqaoriBX03ppvlYnUCW479TPx0LgkOsRHNcg-eIsd38Q9iL38RkCSGL-glMSoQDbcZKzpXYXdZndy6pCdGJSNHbU10tbIajVZH_EsyjRHK0NBw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S8rIcab6fcliHV4ub00l0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://levelflowtr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jun 2024 20:52:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S8rIcab6fcliHV4ub00l0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzTHnzpvNbAIrTm6UVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmZGJnoGZvEFBgAoWitx"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://levelflowtr.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			levelflowtr.com/	1970-01-20 21:37:15	Name: sid Value: s%3AWpaByCgVLjmQo7Vrsrk01zPB7mbFeZiB.g%2Bt%2BQk5SiX6ltGQpJhULsFj6gguKf0bH6PEWgpWZlMQ
			.levelflowtr.com/	1970-01-21 06:21:24	Name: FCNEC Value: %5B%5B%22AKsRol-aT-ICzS6lXjS3BOJWKTHGH3wis1dZ-Hpu6sr10H2dbl28POeQEQdq5KH6-d3lT66NcYUfqfNvY34lokJuKegs9rIKQIQ1RHdjudUVnWEsSAFe98nG3bS4z9HrYUInIkJZRKPDK_UqNZ816F-puGhJ71H7DQ%3D%3D%22%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://levelflowtr.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
levelflowtr.com
pagead2.googlesyndication.com
142.250.185.194
142.250.185.78
172.67.198.136
2a00:1450:4001:80e::200e
1e684df50cedabb69bf5be70c58051cf3d1b4d842182490623b0ac472d5bf645
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3c2e447e311b2e451f15cb3d5c3fede4a1960879cb8febd043d12995a1641a32
60d5919c711dfd6efc99a105fdba0e4d01a0f6d0fc3d83fa8c3764630a3e1a2e
7d9b17aff5e6522484d26e66b45d705d37d7f8d13f399d7387ade140c3239574
7e31270ec882b8613e6c3747d0248793bec1670870f549d777a9d770912741c7
8aa06759da6af9878325a7b76e0c2a27516b85ca0022c140bd02d236e4ce81e5
8b1a21344b286c0a0aaaa0279b77f4995ba98f3b45c3f3e784413c4b4ffaceb8
8d0bd23df2bf537a3f6a1580e1dfa25e9d57653ec9e93fcd0ff8ed73b01fd7a6
9a9119ef06af23c139a6959c64c9722242e9d509664ba67aec8a31632a7794a7
9b8b081d70275aefef850b21458f63aa550ecdf55ea9efedf4619fab4fdc872b
a7ce704cf1b677a8be53ca97b36f0ae95c59a035828b684edf25bb1f66f9984c
a8ce5aaef86e752220c1f1a1640ef8be49dcb75f0fa1139c41f309113a322886
a99b1b33cb31a5dd906e8a100f2a87e87a4d3511471f7217f6e4695b8ccc7dbf
b1e487f4ac13b8a25c767f0653a14c91e60e36658768b49adbe5b19dc9140971
be85385444b3dd02627ef27593e9127a7fade5a1b79ad21322f3e5cf68167ade
c2477205e69f94ac288f176452e2d6ddf27486c0ccab7851842e71c7840f674e
da172e65e798709775befca2ad2c91648906151fec2949752059ad185259fc28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

levelflowtr.com Open in urlscan Pro 172.67.198.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

903 kBTransfer

2934 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

2 Cookies

1 Console Messages

levelflowtr.com Open in urlscan Pro
172.67.198.136 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

903 kB
Transfer

2934 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions