urlscan.io logo urlscan.io
SecurityTrails logo

st1-a.clients.primeflow.io Open in urlscan Pro
35.189.207.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://st1-a.clients.primeflow.io/
Effective URL: https://st1-a.clients.primeflow.io/sv/
Submission: On March 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 35.189.207.31, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is st1-a.clients.primeflow.io.
TLS certificate: Issued by R3 on March 25th 2022. Valid for: 3 months.
This is the only time st1-a.clients.primeflow.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 35.189.207.31 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.218.97.218 16509 (AMAZON-02)
9 3
Apex Domain
Subdomains		 Transfer
4 amazonaws.com
s3-eu-west-1.amazonaws.com
319 KB
4 primeflow.io
st1-a.clients.primeflow.io
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
9 3
Domain Requested by
4 s3-eu-west-1.amazonaws.com st1-a.clients.primeflow.io
4 st1-a.clients.primeflow.io 1 redirects s3-eu-west-1.amazonaws.com
2 fonts.googleapis.com st1-a.clients.primeflow.io
9 3

This site contains no links.

Subject Issuer Validity Valid
st1-a.clients.primeflow.io
R3		 2022-03-25 -
2022-06-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-12-17 -
2022-12-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://st1-a.clients.primeflow.io/sv/
Frame ID: 031993EBA872B3AD2AD0E77BB032401D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

start |

Page URL History Show full URLs

  1. https://st1-a.clients.primeflow.io/ HTTP 302
    https://st1-a.clients.primeflow.io/sv/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

327 kB
Transfer

1501 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://st1-a.clients.primeflow.io/ HTTP 302
    https://st1-a.clients.primeflow.io/sv/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
st1-a.clients.primeflow.io/sv/
Redirect Chain
  • https://st1-a.clients.primeflow.io/
  • https://st1-a.clients.primeflow.io/sv/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://st1-a.clients.primeflow.io/sv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.189.207.31 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
31.207.189.35.bc.googleusercontent.com
Software
nginx/1.15.2 /
Resource Hash
604e2eb88d09b699789a52953283dd56f4c3dc086ce87588c0e9db48e78dc3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.15.2
date
Fri, 25 Mar 2022 09:03:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Cookie
content-language
sv
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800
content-encoding
gzip

Redirect headers

server
nginx/1.15.2
date
Fri, 25 Mar 2022 09:03:17 GMT
content-type
text/html; charset=utf-8
content-length
0
location
/sv/
x-frame-options
SAMEORIGIN
vary
Cookie
strict-transport-security
max-age=15724800
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900,900italic
Requested by
Host: st1-a.clients.primeflow.io
URL: https://st1-a.clients.primeflow.io/sv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c80083bb7293d3d030a9dce409b78e6ccd9abbb2354d94cd1786959fa8aedc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st1-a.clients.primeflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 08:45:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Mar 2022 09:03:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Mar 2022 09:03:17 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,300,700
Requested by
Host: st1-a.clients.primeflow.io
URL: https://st1-a.clients.primeflow.io/sv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
932fb1ec913f2d1071db9656b9bc7e8c4fc150d7d8b48d8b4b66c3d82a2e020e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st1-a.clients.primeflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 07:27:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Mar 2022 09:03:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Mar 2022 09:03:17 GMT
vendor-e64cf037-e67b-4a21-88cf-9dde266ed0eb.css
s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/ 		94 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/vendor-e64cf037-e67b-4a21-88cf-9dde266ed0eb.css
Requested by
Host: st1-a.clients.primeflow.io
URL: https://st1-a.clients.primeflow.io/sv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.97.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e18142902aef034273dfb2183c8080e43edcabeee57c4d68c22783a0ce6b1c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st1-a.clients.primeflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 09:03:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Mar 2022 10:00:13 GMT
Server
AmazonS3
x-amz-request-id
A99CMD8BP0VE1JZ8
ETag
"744443ac3e976b0b06c8c813c0fcc992"
Content-Type
text/css
Cache-Control
public, max-age=1209600
Accept-Ranges
bytes
Content-Length
14279
x-amz-id-2
gyMYmf/KJf5UwH1w8t3LKy6wVivJOuri0QrSUW6qy5ZbOxGqg77ojmwnARYc53CiJWUdpBIFgnU=
app-765958b5-5098-449a-bec3-5f1ae8c277ec.css
s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/ 		233 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/app-765958b5-5098-449a-bec3-5f1ae8c277ec.css
Requested by
Host: st1-a.clients.primeflow.io
URL: https://st1-a.clients.primeflow.io/sv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.97.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6e6f0fb370324f700a46c6e7a74c61b9f512f57758a64f1fe6b5e6873a69533c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st1-a.clients.primeflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 09:03:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Mar 2022 10:00:12 GMT
Server
AmazonS3
x-amz-request-id
A990G87GEZX85PY1
ETag
"23b55bf491c72442b4d154fc206f76a1"
Content-Type
text/css
Cache-Control
public, max-age=1209600
Accept-Ranges
bytes
Content-Length
38121
x-amz-id-2
P2Xi7wA3xMacuA+xLLCYoTUR4zsXaYgZAaiGlQQyVhnLUkIHj6bYIQuwURXJ/FEwdXWxtKXGkZA=
vendor-45363fdd-803b-4fd0-9755-862c0c437596.js
s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/ 		1 MB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/vendor-45363fdd-803b-4fd0-9755-862c0c437596.js
Requested by
Host: st1-a.clients.primeflow.io
URL: https://st1-a.clients.primeflow.io/sv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.97.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
54ad3875c59048fd7edbfa796836b3267705d8b06d67eadb9442f21fefe0d748

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st1-a.clients.primeflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 09:03:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Mar 2022 10:00:12 GMT
Server
AmazonS3
x-amz-request-id
A99D8CW7WQ334G97
ETag
"60289b162c2b325e996eebd926369396"
Content-Type
application/javascript
Cache-Control
public, max-age=1209600
Accept-Ranges
bytes
Content-Length
265292
x-amz-id-2
NvBp9+qQogFup2BUf7R6jzSn9XjQe8cLK/jSya3P5PRMA0rk75IAhG5POkS3KXIOcKdFtqo+M+U=
app-a8040966-e1a4-405d-a573-c6d1c08e0ad6.js
s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/app-a8040966-e1a4-405d-a573-c6d1c08e0ad6.js
Requested by
Host: st1-a.clients.primeflow.io
URL: https://st1-a.clients.primeflow.io/sv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.97.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bd16864bf2e947d6befe21985483569b0deb0d812c71f514ab7a77d0e1fe4038

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st1-a.clients.primeflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 09:03:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Mar 2022 10:00:12 GMT
Server
AmazonS3
x-amz-request-id
A993YMY9E91P2860
ETag
"028ba62792ffeacc023486ac766f6f86"
Content-Type
application/javascript
Cache-Control
public, max-age=1209600
Accept-Ranges
bytes
Content-Length
7373
x-amz-id-2
aYDxScSaVuGP89MRUqumvEayPJuC6uI5mxqEscc7GfSP8oYYWRslQdTrbcknP1SeQzK7MdlS+aI=
/
st1-a.clients.primeflow.io/api/v1/cart_preview/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st1-a.clients.primeflow.io/api/v1/cart_preview/
Requested by
Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/vendor-45363fdd-803b-4fd0-9755-862c0c437596.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.189.207.31 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
31.207.189.35.bc.googleusercontent.com
Software
nginx/1.15.2 /
Resource Hash
efc531c210f29747b001b5b688a3c5237c152b480f0cbd670f5a21f11df58fa8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://st1-a.clients.primeflow.io/sv/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-CSRFToken
2o5HOcyZJtIhqjic6YYVBEKADFHjvrrbB8O2oDuEQMsVc99BjLp42hSf4PBMenxD

Response headers

date
Fri, 25 Mar 2022 09:03:18 GMT
content-encoding
gzip
vary
Accept-Encoding, Cookie
server
nginx/1.15.2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800
content-type
text/html; charset=utf-8
/
st1-a.clients.primeflow.io/api/v1/manufacturers/pc/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st1-a.clients.primeflow.io/api/v1/manufacturers/pc/
Requested by
Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/cache.st1.smartflow.cc/static/theme/build/vendor-45363fdd-803b-4fd0-9755-862c0c437596.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.189.207.31 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
31.207.189.35.bc.googleusercontent.com
Software
nginx/1.15.2 /
Resource Hash
590058dbaeab1d09f44ec0f4cdd895dd269063c711880a73df2e933868f43983
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://st1-a.clients.primeflow.io/sv/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-CSRFToken
2o5HOcyZJtIhqjic6YYVBEKADFHjvrrbB8O2oDuEQMsVc99BjLp42hSf4PBMenxD

Response headers

date
Fri, 25 Mar 2022 09:03:18 GMT
content-encoding
gzip
vary
Accept-Encoding, Cookie
server
nginx/1.15.2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800
content-type
text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| dataLayer function| $ function| jQuery boolean| mCustomScrollbar object| angular object| jsSocials number| touchTrigger string| sf_catalog_url number| sf_current_page string| sf_add_to_cart string| sf_price_url

1 Cookies

Domain/Path Name / Value
st1-a.clients.primeflow.io/ Name: csrftoken
Value: 2o5HOcyZJtIhqjic6YYVBEKADFHjvrrbB8O2oDuEQMsVc99BjLp42hSf4PBMenxD

2 Console Messages

Source Level URL
Text
network error URL: https://st1-a.clients.primeflow.io/api/v1/manufacturers/pc/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://st1-a.clients.primeflow.io/api/v1/cart_preview/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN