urlscan.io logo urlscan.io
SecurityTrails logo

www.totalflow.store Open in urlscan Pro
3.13.177.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.totalflow.store/
Effective URL: https://www.totalflow.store/storeclosed
Submission: On June 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 3.13.177.195, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.totalflow.store.
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.
This is the only time www.totalflow.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 3.13.177.195 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 172.67.22.83 13335 (CLOUDFLAR...)
1 18.173.205.121 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.173.205.2 16509 (AMAZON-02)
19 7
12    3.13.177.195 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-177-195.us-east-2.compute.amazonaws.com
www.totalflow.store
1    2600:9000:2251:3c00:f:6dc5:9bc8:f821 (United States)

ASN16509 (AMAZON-02, US)
d0.awsstatic.com
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    172.67.22.83 (United States)

ASN13335 (CLOUDFLARENET, US)
apps.elfsight.com
static.elfsight.com
1    18.173.205.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-121.fra56.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.173.205.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-2.fra56.r.cloudfront.net
js.stripe.com
Apex Domain
Subdomains		 Transfer
12 totalflow.store
www.totalflow.store
387 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1556
150 KB
2 elfsight.com
apps.elfsight.com — Cisco Umbrella Rank: 21706
static.elfsight.com — Cisco Umbrella Rank: 14970
17 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
1 KB
1 awsstatic.com
d0.awsstatic.com — Cisco Umbrella Rank: 215414
4 KB
19 6
Domain Requested by
12 www.totalflow.store 1 redirects www.totalflow.store
2 fonts.gstatic.com fonts.googleapis.com
2 js.stripe.com www.totalflow.store
js.stripe.com
2 fonts.googleapis.com www.totalflow.store
1 static.elfsight.com www.totalflow.store
1 apps.elfsight.com 1 redirects
1 d0.awsstatic.com www.totalflow.store
19 7

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.pinterest.com
www.instagram.com
Subject Issuer Validity Valid
www.totalflowusa.com
R3		 2024-06-06 -
2024-09-04		 3 months crt.sh
d0.awsstatic.com
Amazon RSA 2048 M03		 2024-04-05 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.totalflow.store/storeclosed
Frame ID: A8308C74CBEB46A8332A666D1040CC0A
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 375741A2904CF6681B00BB6C73C90AF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Store closed|

Page URL History Show full URLs

  1. https://www.totalflow.store/ HTTP 302
    https://www.totalflow.store/storeclosed Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

626 kB
Transfer

1796 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.totalflow.store/ HTTP 302
    https://www.totalflow.store/storeclosed Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://apps.elfsight.com/p/platform.js HTTP 301
  • https://static.elfsight.com/platform/platform.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request storeclosed
www.totalflow.store/
Redirect Chain
  • https://www.totalflow.store/
  • https://www.totalflow.store/storeclosed
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
82a8261f8fbd98f6ade0f2b7971e753e6fc45391143480aa90f3c99b877b8494
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
br
content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Tue, 18 Jun 2024 06:20:16 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
pragma
no-cache
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-miniprofiler-ids
["0863786f-a0da-46c3-a3f3-5b578822876a"]
x-xss-protection
1; mode=block

Redirect headers

content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
date
Tue, 18 Jun 2024 06:20:16 GMT
location
/storeclosed
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-miniprofiler-ids
["c1de620a-3d18-4fe9-9f36-f9d056fe5a3b"]
x-xss-protection
1; mode=block
venture-font.woff
www.totalflow.store/Themes/Venture/Content/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/Themes/Venture/Content/fonts/venture-font.woff
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Origin
https://www.totalflow.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:16 GMT
etag
"1d947978cae1968"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
10728
x-xss-protection
1; mode=block
w21zeuhfvwzjeypxzcbmbq.styles.css
www.totalflow.store/css/ 		262 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9cdfca5aa57e35bf729983ef75669bad136cfd744f2ba578e7e658675c70982e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Wed, 27 Dec 2023 04:04:52 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:16 GMT
referrer-policy
same-origin
etag
"VgSdKFT_NMLt4PnUbBgymJRgyVw"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
0016817_TOTALFLOW.jpeg.webp
www.totalflow.store/images/thumbs/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/images/thumbs/0016817_TOTALFLOW.jpeg.webp
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2967640d9a0c660b8839630a74287f061ad1c681f5a78d8c3916287ef148ff3c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 21 May 2023 07:53:44 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:16 GMT
etag
"1d98bb95d9e8760"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
45920
x-xss-protection
1; mode=block
VMAD.png.webp
www.totalflow.store/images/uploaded/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/images/uploaded/VMAD.png.webp
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
aae65f38e6f32d400fc3be3e7052207d773287da40a134b107ba7c0102c13fc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 16 Dec 2022 12:52:53 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:16 GMT
etag
"1d9114d4f9d142a"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
21674
x-xss-protection
1; mode=block
USAF.png.webp
www.totalflow.store/images/uploaded/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/images/uploaded/USAF.png.webp
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3d87fef583d2017cf9a8bac133fabe517fcf1897bbf09a2b9a23af245fc06db5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 16 Dec 2022 12:52:52 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:16 GMT
etag
"1d9114d4f04a6e6"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
3302
x-xss-protection
1; mode=block
powered-by-aws-white.png
d0.awsstatic.com/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d0.awsstatic.com/logos/powered-by-aws-white.png
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3c00:f:6dc5:9bc8:f821 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
764532442dcbaa3b49cf400314d8d82697802c2a4d7caefee845be91a2ec9c5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1
84e327ff56180cce3616c360143e2d92910f6296
x-amz-version-id
_5mTEAvqnxUyCxF3OphbWiYO._y73K8H
date
Mon, 17 Jun 2024 08:01:38 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
80327
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
3151
last-modified
Tue, 03 Oct 2017 21:31:58 GMT
server
AmazonS3
etag
"96c7fe68f885c20c1a868b40f7d9dc16"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
L0k7PIn__xUPqkhyYmt8v9i-H5jgsoH0_xBs3LSKDTeNZH58-haXsw==
css
fonts.googleapis.com/ 		1 KB
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 06:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 06:20:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 06:20:17 GMT
css
fonts.googleapis.com/ 		761 B
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 06:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 06:20:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 06:20:17 GMT
platform.js
static.elfsight.com/platform/
Redirect Chain
  • https://apps.elfsight.com/p/platform.js
  • https://static.elfsight.com/platform/platform.js
48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H3
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 18 Jun 2024 06:20:17 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000002a63ac2e41ebfe12-006667e1f3-5ad5d8b6-sfo2a
age
1542
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 11 Jun 2024 05:32:12 GMT
server
cloudflare
etag
W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
89592c2faaf468f7-FRA

Redirect headers

date
Tue, 18 Jun 2024 06:20:17 GMT
strict-transport-security
max-age=0
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://static.elfsight.com/platform/platform.js
cache-control
max-age=3600
cf-ray
89592c2f6ac268f7-FRA
alt-svc
h3=":443"; ma=86400
content-length
167
expires
Tue, 18 Jun 2024 07:20:17 GMT
9zoylgbnvryeyexla2bcdq.scripts.js
www.totalflow.store/js/ 		699 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/js/9zoylgbnvryeyexla2bcdq.scripts.js?v=Y8QzlKuW5rXtIgOdftkbkylpPNI
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5c30d452186df974e78130458a151d9afa07b5c5742dcdf482600d476c68fa3e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Thu, 12 Oct 2023 17:07:24 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:16 GMT
referrer-policy
same-origin
etag
"Y8QzlKuW5rXtIgOdftkbkylpPNI"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
jquery.maskedinput.min.js
www.totalflow.store/Plugins/FoxNetSoft.PhoneNumberMask/Scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/Plugins/FoxNetSoft.PhoneNumberMask/Scripts/jquery.maskedinput.min.js?v=ZII3BQj_S3l2y0b1pFtX7GAGW3U
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
828007f4e370135715804211afc57dd58f3bbf12b68a9444b10c0ee2911c2b19
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Fri, 28 Apr 2017 11:58:11 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:16 GMT
referrer-policy
same-origin
etag
"ZII3BQj_S3l2y0b1pFtX7GAGW3U"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
/
js.stripe.com/v3/ 		613 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-121.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a9db1708eeafe67ede4dcce34d04fff61925d40ccc393a3084de6b2fa885981b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:20:17 GMT
content-encoding
br
via
1.1 b12498b20eb99a0be9023f965d5b2f90.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
37
x-amz-cf-pop
FRA56-P12
x-cache
Hit from cloudfront
last-modified
Mon, 17 Jun 2024 20:41:25 GMT
server
Cloudfront
etag
W/"f41aaa63cb6f9d7a11f89371427b4049"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
1CQI7Jur-oZUeU0VO22P6cDm-JCLkjOn87fBwljCnUHa7CgkwnX-cA==
search-button.svg
www.totalflow.store/Themes/Venture/Content/img/ 		949 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/Themes/Venture/Content/img/search-button.svg
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:17 GMT
etag
"1d947978cae3335"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
949
x-xss-protection
1; mode=block
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.totalflow.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:54:42 GMT
x-content-type-options
nosniff
age
404735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 13:54:42 GMT
subscribe-button.svg
www.totalflow.store/Themes/Venture/Content/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/Themes/Venture/Content/img/subscribe-button.svg
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:17 GMT
etag
"1d947978cae342a"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
1194
x-xss-protection
1; mode=block
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.totalflow.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 08:18:30 GMT
x-content-type-options
nosniff
age
597707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44584
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 08:18:30 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 3757 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-2.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
163
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 18 Jun 2024 06:17:35 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 30 May 2024 20:04:59 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 8a7cd2920ac4cbceb2a8f9a130562a4c.cloudfront.net (CloudFront)
x-amz-cf-id
5UF3CCDu-fuHfZbGxa50FPQnh0gSAfxo4Ee8qayQ8NJdxv8SoA2q2g==
x-amz-cf-pop
FRA56-P12
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.ico
www.totalflow.store/icons/icons_0/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/icons/icons_0/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5c75565675be05493e398afd032b5674098e0873b435e4218607f0d1127acb1f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 21 May 2023 06:44:22 GMT
server
Microsoft-IIS/10.0
date
Tue, 18 Jun 2024 06:20:18 GMT
etag
"1d98bafacdf637e"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
1150
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| OpenWindow function| setLocation function| displayAjaxLoading function| displayPopupNotification function| displayJoinedPopupNotifications function| displayPopupContentFromUrl function| displayBarNotification function| htmlEncode function| htmlDecode function| addAntiForgeryToken object| AjaxCart function| createCombinationsBehavior object| cookieHelper function| $ function| jQuery object| kendo object| sevenSpikesCore object| CatalogProducts object| nopAjaxCart object| sevenSpikesThemeModules function| sevenSpikesTheme object| webpackChunkStripeJSouter function| noop function| Stripe boolean| fns_customertracking_eventwassent function| fnssavecustomertracking object| localized_data function| newsletter_subscribe function| fnsPhoneNumberMask object| __core-js_shared__ object| core object| eapps

6 Cookies

Domain/Path Name / Value
www.totalflow.store/ Name: .Nop.Customer
Value: c52bb163-6981-45a0-8626-e550f92651ae
www.totalflow.store/ Name: .Nop.Culture
Value: c%3Den-US%7Cuic%3Den-US
www.totalflow.store/ Name: .Nop.Antiforgery
Value: CfDJ8PcmSdZ5Yv5GjW0jTN4jNASOKoTkKD0jMjG7kFjFMti7KdAsbP9KQap_8mxANj9esuakzhvrpRWskfTmXJWQoAwg8nPz6grzXtTLH_ZSqgdGhuWFg-k2lInQaeRyGB-22P9Aq-CT4GW0j7wuIsLd1K0
m.stripe.com/ Name: m
Value: 4163fb69-c8e2-4268-b5d6-71f4b848deb973e895
.www.totalflow.store/ Name: __stripe_mid
Value: 67dce61e-c713-4cbe-8a22-54a331d28b62a7d5c3
.www.totalflow.store/ Name: __stripe_sid
Value: 0220c1c2-e1d6-4156-bb88-32a2eb71f981d0acda

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.elfsight.com
d0.awsstatic.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
static.elfsight.com
www.totalflow.store
172.67.22.83
18.173.205.121
18.173.205.2
2600:9000:2251:3c00:f:6dc5:9bc8:f821
2a00:1450:4001:812::2003
2a00:1450:4001:81d::200a
3.13.177.195
2967640d9a0c660b8839630a74287f061ad1c681f5a78d8c3916287ef148ff3c
3d87fef583d2017cf9a8bac133fabe517fcf1897bbf09a2b9a23af245fc06db5
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
5c30d452186df974e78130458a151d9afa07b5c5742dcdf482600d476c68fa3e
5c75565675be05493e398afd032b5674098e0873b435e4218607f0d1127acb1f
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
764532442dcbaa3b49cf400314d8d82697802c2a4d7caefee845be91a2ec9c5c
828007f4e370135715804211afc57dd58f3bbf12b68a9444b10c0ee2911c2b19
82a8261f8fbd98f6ade0f2b7971e753e6fc45391143480aa90f3c99b877b8494
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
9cdfca5aa57e35bf729983ef75669bad136cfd744f2ba578e7e658675c70982e
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
a9db1708eeafe67ede4dcce34d04fff61925d40ccc393a3084de6b2fa885981b
aae65f38e6f32d400fc3be3e7052207d773287da40a134b107ba7c0102c13fc7
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772