level-user.site Open in urlscan Pro
2606:4700:3035::ac43:cb90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://level-user.site/
Submission: On September 12 via automatic, source certstream-suspicious (September 12th 2024, 4:34:23 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::ac43:cb90, located in United States and belongs to CLOUDFLARENET, US. The main domain is level-user.site.
TLS certificate: Issued by WE1 on September 12th 2024. Valid for: 3 months.

This is the only time level-user.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3035::ac43:cb90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
13	3

10 2606:4700:3035::ac43:cb90 (United States)

ASN13335 (CLOUDFLARENET, US)

level-user.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	level-user.site level-user.site	125 KB
2	gstatic.com fonts.gstatic.com	54 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
13	3

	Domain	Requested by
10	level-user.site	level-user.site
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	level-user.site
13	3

This site contains no links.

Subject Issuer	Validity	Valid
level-user.site WE1	`2024-09-12` - `2024-12-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://level-user.site/
Frame ID: 3017A53D671961595301765D8682388A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ads Instinct

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

180 kB
Transfer

517 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
level-user.site/ 20 KB
4 KB 277ms
144ms Document
text/html 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972f03589ee8d9efabfad8e5627e8aac2613b07c4788139ce0d8c98f5d10adb3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c214dd22fcc368c-FRA
content-encoding: br
content-type: text/html
date: Thu, 12 Sep 2024 16:34:16 GMT
last-modified: Fri, 23 Aug 2024 20:37:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgl%2FOk8V8Mpv5YgnjRM28jgY63rFo8cKJy2b2j9GczHw%2FF3y5gwSzH75WtC3SiZvVt%2BC%2FDvZXXC4h%2FJpJJ8zrpRRO0mMe7D02Cd9mb%2BIB0V36UmXPFflUT3A4wdj5dJP25zhbjLtxD467feITwo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 132ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bitter:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: level-user.site
URL: https://level-user.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

460f891d6c6fbb3b6bb55179707a1d58882205ac665f430c3ee9c07a8e59ea66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Sep 2024 16:34:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Sep 2024 16:34:16 GMT

GET
H3 200 normalize.b6182ef6.css
level-user.site/ 6 KB
2 KB 182ms
179ms Stylesheet
text/css 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/normalize.b6182ef6.css
Requested by: Host: level-user.site
URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952e32dc1bd95b15a8e5b32c30df2284c207f02c1032f5232b010906d14686a9

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:28 GMT
server: cloudflare
etag: W/"66c8f308-198b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSh8XJnUNDVsw1XGkaOum5cziutgoUSQF%2F6BWyI2gkyZfQ1mDd6%2FgVSalp3f9ElI52VMbO5qKcLGDZ39jzEmkx0WjOl8TG5IeNzFnnvxEL3ImcMvFJ13p91ukqABHokdVGvCi9slgVxFNm2X7Bk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd318d7368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

GET
H3 200 main.d2070829.css
level-user.site/ 852 B
953 B 175ms
173ms Stylesheet
text/css 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/main.d2070829.css
Requested by: Host: level-user.site
URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e99cff28a4fdbc6da0a1c88e050918187f60be8e689b784e3e3af7a5a3207c

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:28 GMT
server: cloudflare
etag: W/"66c8f308-354"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNac%2BKz%2F3b7Ml4XMtrMqQA7zv8BK24bMqKhLbFsMjUvA253T4Ybpi%2F0Q7w%2BKLjsBajE5Nrjr94eD5w5witbkTbUx2q1TESCLBY2wsVzy%2BBvyBounqjc53ZXZ9hEUIf9ysJ3kN93OKnQ2n45VE7c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd318d9368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

GET
H3 200 adsinstinct.com.9ad09f98.css
level-user.site/ 3 KB
1 KB 129ms
127ms Stylesheet
text/css 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/adsinstinct.com.9ad09f98.css
Requested by: Host: level-user.site
URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c74841784c0d9717720b3a372c904a5e9d018a1cf13f17fb71344955b6e62d4

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:29 GMT
server: cloudflare
etag: W/"66c8f309-c95"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eH7G%2FDGK%2BS4n8TEC82POmHM%2BgXfFhdIAmyO5cQzlG6%2Fmi9z9fRf1UzR54EEhITY%2BBgJ34w6xEx4SHXvakGa5wYa7fVmFQTzoVKrQD9D84ilYdDOByKD7r6%2F2AH979j%2FF%2BcV5i0w31yTcfnwQrBM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd318da368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

GET
H3 200 normalize.b6182ef6.js Show response
level-user.site/ 11 KB
4 KB 177ms
175ms Script
application/javascript 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/normalize.b6182ef6.js
Requested by: Host: level-user.site
URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b1665e84219dd9adfe57606154bb20f4308d481a23608c0cc2265da3318b093

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:28 GMT
server: cloudflare
etag: W/"66c8f308-2ab1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bzor3wzPW4C4JVtoGFKTG%2BbFUg2mZwXIbO02KOZGHMcvVC3yUGfcvTsFERsmoRZw0%2BsRDKiLA31tEAOOqGdYoqMf2pED3tUPfbqILTJAoVFQjQQPOy2QrrWdHQK4dKGfgcP32bd4NBkNy298vlo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd318db368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

GET
H3 200 main.d2070829.js Show response
level-user.site/ 11 KB
4 KB 204ms
202ms Script
application/javascript 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/main.d2070829.js
Requested by: Host: level-user.site
URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afcfc30a7c97da0445da0b1962c0d454acab67e18e177ede10eb9ed732f8e74a

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:28 GMT
server: cloudflare
etag: W/"66c8f308-2aa7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLWFtjsr0X4E4cf%2FxWOSBwrWSYJgChJL6BacELK5iPJNNKh93vl5B2d9xf%2BKbSOXfubqW%2BDizxYkYZc6yqSYGKCR3xCygRSJPTxI68Vl%2BfzHMzYRVcG5DQuC3PR%2Fr7RipU%2FkmknxfPX13pPGbjA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd318de368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

GET
H3 200 adsinstinct.com.9ad09f98.js Show response
level-user.site/ 11 KB
4 KB 174ms
172ms Script
application/javascript 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/adsinstinct.com.9ad09f98.js
Requested by: Host: level-user.site
URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9f30a7b2a926c784cbdfa76d5794af079f068d4f70c4050d8e71e6d0a2f24a

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:29 GMT
server: cloudflare
etag: W/"66c8f309-2aac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExYzDjj%2BeEGOMKE%2B13Y8DeQ4q0J%2BFoaAOQbQexWQF80Tp0AJVTuUwgN74Z9Ts1QUUhzp6QRQdEFLedf%2BBy21w0HGXX1N1qBZC%2B3U7BMJljW4HeOvbf2mft2eh9Gmndf3LMr8KmfhR3g7qJvf4tA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd318e0368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

GET
H3 200 email-decode.min.js Show response
level-user.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 32ms
30ms Script
application/javascript 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://level-user.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: level-user.site
URL: https://level-user.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 08 Sep 2024 16:12:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ddccf5-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzuI0qwUsJy%2FrJMuokXlI6c39zqMf%2BR1hoVQTKdJ1WBqkoq0%2FZw%2BN%2BtCW%2B3auwHtq1fHeHv2tcwaTHgBPFpwoMDwns%2BuWFEAaX7IMT9yEP57YkzcjraLjZJLRBKeKSZl%2FXEb%2F2wWHJPEqyQ%2BZAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8c214dd318e2368c-FRA
expires: Sat, 14 Sep 2024 16:34:16 GMT

GET
H3 200 adsinstinct.com.e31bb0bc.js Show response
level-user.site/ 374 KB
81 KB 254ms
252ms Script
application/javascript 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/adsinstinct.com.e31bb0bc.js
Requested by: Host: level-user.site
URL: https://level-user.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dd5cfcee944f119f4f070f7b22976223b4e51cc0bbce49b29d1cc0a455c04f5

Request headers

Referer: https://level-user.site/
Origin: https://level-user.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:29 GMT
server: cloudflare
etag: W/"66c8f309-5d9e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuQsJpn0YnsOOC0y6NNVWvlTWRa4dhUNpWSpOL96gcPB%2BcD%2B2sbjIuHWgsHXdD95gnHBDPaZzXLGhFC78FxFrxws5nqq1OlYYZ9G4EVXS4QualXG05mUS2RZYlL4V0sbnvV5F9TBv313U%2FmuvcQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd318e3368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v36/ 33 KB
34 KB 80ms
24ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v36/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bitter:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

710837bbd0f471356c5ea8fa53770a38ad6e4ccb135168c90fdbc0f33aef0ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://level-user.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 02:17:14 GMT
x-content-type-options: nosniff
age: 569822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33804
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 16:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 02:17:14 GMT

GET
H2 200 rax8HiqOu8IVPmn7e4xpPDk.woff2
fonts.gstatic.com/s/bitter/v36/ 21 KB
21 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v36/rax8HiqOu8IVPmn7e4xpPDk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bitter:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ea93773c9eb43a6008aa3ef88238a29daba7d6f8c8ffc0ee21b55b1c052ea04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://level-user.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 15:25:29 GMT
x-content-type-options: nosniff
age: 436127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21100
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 15:25:29 GMT

GET
H3 200 favicon.26242483.ico
level-user.site/ 22 KB
22 KB 174ms
174ms Other
image/x-icon 2606:4700:3035::ac43:cb90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level-user.site/favicon.26242483.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72779565c6347b11c44d5c0dcd50e6e6d6b26ebe504ee189669ccf730c244a2c

Request headers

Referer: https://level-user.site/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:34:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 20:37:29 GMT
server: cloudflare
etag: W/"66c8f309-5680"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/x-icon
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvvOK3J6Y%2FhA3a%2Bl2OrRJRWcNCDfNRnXD0JZf%2FoB0WAt2VSYUZcsTAQjsu1Z%2B%2FKXFA7mim%2F1u%2Filr8%2FLi4fJXLHLO9%2FQBJUlKBIWbjohHZelstUYQ9qS8IN%2BqnENxOB8b8Vc2DP1NFfnW0xb1ME%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8c214dd6fed3368c-FRA
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| parcelRequire

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
level-user.site
2606:4700:3035::ac43:cb90
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
0c74841784c0d9717720b3a372c904a5e9d018a1cf13f17fb71344955b6e62d4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e99cff28a4fdbc6da0a1c88e050918187f60be8e689b784e3e3af7a5a3207c
2dd5cfcee944f119f4f070f7b22976223b4e51cc0bbce49b29d1cc0a455c04f5
460f891d6c6fbb3b6bb55179707a1d58882205ac665f430c3ee9c07a8e59ea66
4b1665e84219dd9adfe57606154bb20f4308d481a23608c0cc2265da3318b093
6c9f30a7b2a926c784cbdfa76d5794af079f068d4f70c4050d8e71e6d0a2f24a
710837bbd0f471356c5ea8fa53770a38ad6e4ccb135168c90fdbc0f33aef0ad3
72779565c6347b11c44d5c0dcd50e6e6d6b26ebe504ee189669ccf730c244a2c
7ea93773c9eb43a6008aa3ef88238a29daba7d6f8c8ffc0ee21b55b1c052ea04
952e32dc1bd95b15a8e5b32c30df2284c207f02c1032f5232b010906d14686a9
972f03589ee8d9efabfad8e5627e8aac2613b07c4788139ce0d8c98f5d10adb3
afcfc30a7c97da0445da0b1962c0d454acab67e18e177ede10eb9ed732f8e74a

level-user.site Open in urlscan Pro 2606:4700:3035::ac43:cb90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

180 kBTransfer

517 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

level-user.site Open in urlscan Pro
2606:4700:3035::ac43:cb90 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

180 kB
Transfer

517 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions