urlscan.io logo urlscan.io
SecurityTrails logo

www.totalflow.store Open in urlscan Pro
3.13.177.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.totalflow.store/
Effective URL: https://www.totalflow.store/storeclosed
Submission: On May 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 3.13.177.195, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.totalflow.store.
TLS certificate: Issued by R3 on May 10th 2024. Valid for: 3 months.
This is the only time www.totalflow.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 3.13.177.195 16509 (AMAZON-02)
1 2600:9000:244... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 172.67.22.83 13335 (CLOUDFLAR...)
1 18.65.39.29 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.65.39.65 16509 (AMAZON-02)
19 7
12    3.13.177.195 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-177-195.us-east-2.compute.amazonaws.com
www.totalflow.store
www.totalflow.shop
1    2600:9000:2449:b800:f:6dc5:9bc8:f821 (United States)

ASN16509 (AMAZON-02, US)
d0.awsstatic.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    172.67.22.83 (United States)

ASN13335 (CLOUDFLARENET, US)
apps.elfsight.com
static.elfsight.com
1    18.65.39.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-29.ams1.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.65.39.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-65.ams1.r.cloudfront.net
js.stripe.com
Apex Domain
Subdomains		 Transfer
11 totalflow.store
www.totalflow.store
342 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088
148 KB
2 elfsight.com
apps.elfsight.com — Cisco Umbrella Rank: 19260
static.elfsight.com — Cisco Umbrella Rank: 14073
17 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 awsstatic.com
d0.awsstatic.com — Cisco Umbrella Rank: 212587
4 KB
1 totalflow.shop
www.totalflow.shop
4 KB
19 7
Domain Requested by
11 www.totalflow.store 1 redirects www.totalflow.store
2 fonts.gstatic.com fonts.googleapis.com
2 js.stripe.com www.totalflow.store
js.stripe.com
2 fonts.googleapis.com www.totalflow.store
1 static.elfsight.com www.totalflow.store
1 apps.elfsight.com 1 redirects
1 d0.awsstatic.com www.totalflow.store
1 www.totalflow.shop www.totalflow.store
19 8

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.pinterest.com
www.instagram.com
Subject Issuer Validity Valid
www.totalflowusa.com
R3		 2024-05-10 -
2024-08-08		 3 months crt.sh
d0.awsstatic.com
Amazon RSA 2048 M03		 2024-04-05 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-03-27 -
2024-06-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.totalflow.store/storeclosed
Frame ID: 264D8244238DAB63A2C4927B17C412F4
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 7BC0F3CD2C75224516CF54903FE6B930
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Store closed|

Page URL History Show full URLs

  1. https://www.totalflow.store/ HTTP 302
    https://www.totalflow.store/storeclosed Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

581 kB
Transfer

1746 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.totalflow.store/ HTTP 302
    https://www.totalflow.store/storeclosed Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://apps.elfsight.com/p/platform.js HTTP 301
  • https://static.elfsight.com/platform/platform.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request storeclosed
www.totalflow.store/
Redirect Chain
  • https://www.totalflow.store/
  • https://www.totalflow.store/storeclosed
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
82af67894d696b1fbcaff90e24f03071513f1a7e694062602c3da38fc115b191
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
br
content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Fri, 24 May 2024 08:21:40 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
pragma
no-cache
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-miniprofiler-ids
["6fefb418-95eb-449e-98f9-c0a6fbf12e81"]
x-xss-protection
1; mode=block

Redirect headers

content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
date
Fri, 24 May 2024 08:21:40 GMT
location
/storeclosed
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-miniprofiler-ids
["7ea37531-b957-4930-8d16-0c172f6f7054"]
x-xss-protection
1; mode=block
venture-font.woff
www.totalflow.store/Themes/Venture/Content/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/Themes/Venture/Content/fonts/venture-font.woff
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/storeclosed
Origin
https://www.totalflow.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
etag
"1d947978cae1968"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
10728
x-xss-protection
1; mode=block
w21zeuhfvwzjeypxzcbmbq.styles.css
www.totalflow.store/css/ 		262 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9cdfca5aa57e35bf729983ef75669bad136cfd744f2ba578e7e658675c70982e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Wed, 27 Dec 2023 04:04:52 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
referrer-policy
same-origin
etag
"VgSdKFT_NMLt4PnUbBgymJRgyVw"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
0016817_TOTALFLOW.jpeg
www.totalflow.shop/images/thumbs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.shop/images/thumbs/0016817_TOTALFLOW.jpeg
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
39f79be37387dadf2af10e7e930108447a4d407ae3f6362a92670303888a36d8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
x-frame-options
SAMEORIGIN
content-type
image/avif
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
content-length
3553
x-xss-protection
1; mode=block
VMAD.png.webp
www.totalflow.store/images/uploaded/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/images/uploaded/VMAD.png.webp
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
aae65f38e6f32d400fc3be3e7052207d773287da40a134b107ba7c0102c13fc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 16 Dec 2022 12:52:53 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
etag
"1d9114d4f9d142a"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
21674
x-xss-protection
1; mode=block
USAF.png.webp
www.totalflow.store/images/uploaded/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/images/uploaded/USAF.png.webp
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3d87fef583d2017cf9a8bac133fabe517fcf1897bbf09a2b9a23af245fc06db5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 16 Dec 2022 12:52:52 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
etag
"1d9114d4f04a6e6"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
3302
x-xss-protection
1; mode=block
powered-by-aws-white.png
d0.awsstatic.com/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d0.awsstatic.com/logos/powered-by-aws-white.png
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:b800:f:6dc5:9bc8:f821 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
764532442dcbaa3b49cf400314d8d82697802c2a4d7caefee845be91a2ec9c5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-sha1
84e327ff56180cce3616c360143e2d92910f6296
x-amz-version-id
_5mTEAvqnxUyCxF3OphbWiYO._y73K8H
date
Fri, 24 May 2024 06:42:31 GMT
via
1.1 435254ceec69c136096ca9b455fd3534.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
5952
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
3151
last-modified
Tue, 03 Oct 2017 21:31:58 GMT
server
AmazonS3
etag
"96c7fe68f885c20c1a868b40f7d9dc16"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
D8oaiRFFCdTJBCrmHjaJmIMCpAbQ8wk8pxSbmzdNCcauuHeZH-idMA==
css
fonts.googleapis.com/ 		1 KB
597 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 May 2024 08:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 May 2024 08:21:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 May 2024 08:21:40 GMT
css
fonts.googleapis.com/ 		761 B
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 May 2024 08:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 May 2024 07:40:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 May 2024 08:21:40 GMT
platform.js
static.elfsight.com/platform/
Redirect Chain
  • https://apps.elfsight.com/p/platform.js
  • https://static.elfsight.com/platform/platform.js
48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H3
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7a4c81cad32e268d69dab0797be43a729e94bf17884e2c33f5a4de1f4823c1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 24 May 2024 08:21:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx0000063f6382663e95bc2-00660d1c98-54a6894a-sfo2a
age
2039
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Feb 2024 12:43:55 GMT
server
cloudflare
etag
W/"ea938560ae1a20790bf6327458b05878"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
888bdfa36c7b8f33-FRA

Redirect headers

date
Fri, 24 May 2024 08:21:40 GMT
strict-transport-security
max-age=0
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://static.elfsight.com/platform/platform.js
cache-control
max-age=3600
cf-ray
888bdfa2fba48f33-FRA
alt-svc
h3=":443"; ma=86400
content-length
167
expires
Fri, 24 May 2024 09:21:40 GMT
9zoylgbnvryeyexla2bcdq.scripts.js
www.totalflow.store/js/ 		699 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/js/9zoylgbnvryeyexla2bcdq.scripts.js?v=Y8QzlKuW5rXtIgOdftkbkylpPNI
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5c30d452186df974e78130458a151d9afa07b5c5742dcdf482600d476c68fa3e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Thu, 12 Oct 2023 17:07:24 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
referrer-policy
same-origin
etag
"Y8QzlKuW5rXtIgOdftkbkylpPNI"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
jquery.maskedinput.min.js
www.totalflow.store/Plugins/FoxNetSoft.PhoneNumberMask/Scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/Plugins/FoxNetSoft.PhoneNumberMask/Scripts/jquery.maskedinput.min.js?v=ZII3BQj_S3l2y0b1pFtX7GAGW3U
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
828007f4e370135715804211afc57dd58f3bbf12b68a9444b10c0ee2911c2b19
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Fri, 28 Apr 2017 11:58:11 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
referrer-policy
same-origin
etag
"ZII3BQj_S3l2y0b1pFtX7GAGW3U"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
/
js.stripe.com/v3/ 		604 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-29.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f63932c42e4f1ca796503f3471c0237d013a7cfc0bb853f004444ddca9d2b2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 08:21:01 GMT
content-encoding
br
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
45
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
last-modified
Thu, 23 May 2024 20:45:37 GMT
server
Cloudfront
etag
W/"eb2b556b3375ec7332975caba0c0bef1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
qHCgvbAnaIIIM_pqfBbfcA21AmFi_4vgWCGi1B9Qp97IoMX-lvqPdA==
search-button.svg
www.totalflow.store/Themes/Venture/Content/img/ 		949 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/Themes/Venture/Content/img/search-button.svg
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
etag
"1d947978cae3335"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
949
x-xss-protection
1; mode=block
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.totalflow.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:02:21 GMT
x-content-type-options
nosniff
age
260360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 08:02:21 GMT
subscribe-button.svg
www.totalflow.store/Themes/Venture/Content/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.store/Themes/Venture/Content/img/subscribe-button.svg
Requested by
Host: www.totalflow.store
URL: https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/css/w21zeuhfvwzjeypxzcbmbq.styles.css?v=VgSdKFT_NMLt4PnUbBgymJRgyVw
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:40 GMT
etag
"1d947978cae342a"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
1194
x-xss-protection
1; mode=block
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.totalflow.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:18:26 GMT
x-content-type-options
nosniff
age
259395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44584
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 08:18:26 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 7BC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
689
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 24 May 2024 08:10:15 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 17 May 2024 20:04:04 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
x-amz-cf-id
jGTCemVee_w4bnYfG0mX9B5SHQrF3jzRSBl8UpIm2StD9FyuB1YZ2A==
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.ico
www.totalflow.store/icons/icons_0/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.store/icons/icons_0/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5c75565675be05493e398afd032b5674098e0873b435e4218607f0d1127acb1f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.totalflow.store/storeclosed
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 21 May 2023 06:44:22 GMT
server
Microsoft-IIS/10.0
date
Fri, 24 May 2024 08:21:42 GMT
etag
"1d98bafacdf637e"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
1150
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| OpenWindow function| setLocation function| displayAjaxLoading function| displayPopupNotification function| displayJoinedPopupNotifications function| displayPopupContentFromUrl function| displayBarNotification function| htmlEncode function| htmlDecode function| addAntiForgeryToken object| AjaxCart function| createCombinationsBehavior object| cookieHelper function| $ function| jQuery object| kendo object| sevenSpikesCore object| CatalogProducts object| nopAjaxCart object| sevenSpikesThemeModules function| sevenSpikesTheme object| webpackChunkStripeJSouter function| noop function| Stripe boolean| fns_customertracking_eventwassent function| fnssavecustomertracking object| localized_data function| newsletter_subscribe function| fnsPhoneNumberMask object| __core-js_shared__ object| core object| eapps

6 Cookies

Domain/Path Name / Value
www.totalflow.store/ Name: .Nop.Customer
Value: a69b2d0b-7fc5-482c-852f-e3d1c530c0aa
www.totalflow.store/ Name: .Nop.Culture
Value: c%3Den-US%7Cuic%3Den-US
www.totalflow.store/ Name: .Nop.Antiforgery
Value: CfDJ8PcmSdZ5Yv5GjW0jTN4jNASnDXbyM1AmM7WGFzml4BU08ikTG2z49gN9-qJXL_JeZPWEQbo4aP2fvWIrSrE0ESVSjHgOoMud0UFJwslWHeBpvN33bazFPA7P5-quzMoOZx_zV11djg1VigkXqX8gkfc
m.stripe.com/ Name: m
Value: 1cd3aef2-ca12-43c3-96d8-bd0b2ed7b0f319c66a
.www.totalflow.store/ Name: __stripe_mid
Value: 72413cd4-9695-4d95-b2b6-e30f510f45993b8c42
.www.totalflow.store/ Name: __stripe_sid
Value: 1d882a71-7261-4c5b-a35e-5979d0535c21504ff0

1 Console Messages

Source Level URL
Text
other warning URL: https://www.totalflow.store/storeclosed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.elfsight.com
d0.awsstatic.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
static.elfsight.com
www.totalflow.shop
www.totalflow.store
172.67.22.83
18.65.39.29
18.65.39.65
2600:9000:2449:b800:f:6dc5:9bc8:f821
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
3.13.177.195
39f79be37387dadf2af10e7e930108447a4d407ae3f6362a92670303888a36d8
3d87fef583d2017cf9a8bac133fabe517fcf1897bbf09a2b9a23af245fc06db5
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
5c30d452186df974e78130458a151d9afa07b5c5742dcdf482600d476c68fa3e
5c75565675be05493e398afd032b5674098e0873b435e4218607f0d1127acb1f
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
764532442dcbaa3b49cf400314d8d82697802c2a4d7caefee845be91a2ec9c5c
828007f4e370135715804211afc57dd58f3bbf12b68a9444b10c0ee2911c2b19
82af67894d696b1fbcaff90e24f03071513f1a7e694062602c3da38fc115b191
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
9cdfca5aa57e35bf729983ef75669bad136cfd744f2ba578e7e658675c70982e
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
aae65f38e6f32d400fc3be3e7052207d773287da40a134b107ba7c0102c13fc7
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772
f63932c42e4f1ca796503f3471c0237d013a7cfc0bb853f004444ddca9d2b2f8
fb7a4c81cad32e268d69dab0797be43a729e94bf17884e2c33f5a4de1f4823c1