Submitted URL: https://auth.livingflo.com/
Effective URL: https://livingflo.com/
Submission: On October 07 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 107.180.4.55, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is livingflo.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 18th 2020. Valid for: a year.
This is the only time livingflo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.228.7.2 16509 (AMAZON-02)
8 107.180.4.55 26496 (AS-26496-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.21.2 15133 (EDGECAST)
5 35.243.158.225 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 7
Domain Requested by
8 livingflo.com livingflo.com
5 livingflo.wpengine.com livingflo.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 img.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 hello.myfonts.net livingflo.com
1 www.googletagmanager.com livingflo.com
1 auth.livingflo.com 1 redirects
19 8

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
qa.livingflo.com

Subject | Issuer | Validity | Valid
livingflo.com | Go Daddy Secure Certificate Authority - G2 | 2020-06-18 - 2021-08-17 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
hello.myfonts.net | DigiCert SHA2 Secure Server CA | 2019-06-03 - 2021-06-07 | 2 years
*.wpengine.com | RapidSSL RSA CA 2018 | 2019-07-01 - 2021-08-29 | 2 years
*.g.doubleclick.net | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
*.google.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months

This page contains 1 frames:

Primary Page: https://livingflo.com/
Frame ID: 3D2FBD9BA1A1EC3E086F6B10E829C49A
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 50 %
Domains: 7
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 407 kB
Size: 1217 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.livingflo.com/ HTTP 302
    https://livingflo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
livingflo.com/
Redirect Chain
  • https://auth.livingflo.com/
  • https://livingflo.com/
969 B
778 B
Document
General
Full URL
https://livingflo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
b61dab18605cad0e490d67763a84b33d88563d229bd56c338f96d38a1bd15275

Request headers

:method
GET
:authority
livingflo.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Wed, 07 Oct 2020 14:59:05 GMT
server
Apache
last-modified
Tue, 13 Aug 2019 21:04:28 GMT
etag
"8fc2c00-3c9-59005fc7b890b-gzip"
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-encoding
gzip
access-control-allow-origin
*
content-length
624
content-type
text/html

Redirect headers

Server
openresty
Date
Wed, 07 Oct 2020 14:59:05 GMT
Content-Type
text/html; charset=utf-8
Content-Length
88
Connection
keep-alive
ot-tracer-spanid
4bf912ee4bca1cd5
ot-tracer-traceid
790b8cf33ce85847
ot-tracer-sampled
true
ot-baggage-auth0-request-id
6080-1602082745.295-185.156.175.107-574-606383002-1-0.000
X-Auth0-RequestId
9797184738069b017d22
Location
https://livingflo.com/
Vary
Accept
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
Strict-Transport-Security
max-age=31536000
main.c788ba07.js
livingflo.com/static/js/
950 KB
239 KB
Script
General
Full URL
https://livingflo.com/static/js/main.c788ba07.js
Requested by
Host: livingflo.com
URL: https://livingflo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
5569899faa3813156e3e3449efc66051e9774944b14c461917cb56e77f334514

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:05 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 21:04:29 GMT
server
Apache
status
200
etag
"8fc2e22-ed683-59005fc8b9e3f-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
91 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRTP27X
Requested by
Host: livingflo.com
URL: https://livingflo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3c73eb8c0cb87e85e2b0cdf2024da4cc5fd0aec9dea1ab2df0460e2adb93a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32606
x-xss-protection
0
last-modified
Wed, 07 Oct 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Oct 2020 14:59:05 GMT
383085
hello.myfonts.net/count/
0
162 B
Stylesheet
General
Full URL
https://hello.myfonts.net/count/383085
Requested by
Host: livingflo.com
URL: https://livingflo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C53) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:07 GMT
last-modified
Fri, 17 Apr 2020 15:38:14 GMT
server
ECAcc (mil/6C53)
age
14514300
etag
"3364556309"
status
200
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
expires
Wed, 07 Oct 2020 14:59:06 GMT
site-identity
livingflo.wpengine.com/client/wp-json/wp/v2/
69 B
597 B
Fetch
General
Full URL
https://livingflo.wpengine.com/client/wp-json/wp/v2/site-identity
Requested by
Host: livingflo.com
URL: https://livingflo.com/static/js/main.c788ba07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.158.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
225.158.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
99898856fed465af9f63b2a3744ecded3a5f26b4f27518e22d30455fcc390d0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
MISS
status
200
content-length
69
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
allow
GET
server
nginx
vary
Accept-Encoding,Cookie
access-control-allow-methods
GET, POST, PUT, PATCH, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
x-robots-tag
noindex
link
<https://livingflo.wpengine.com/client/wp-json/>; rel="https://api.w.org/"
brand-identity
livingflo.wpengine.com/wp-json/acf/v3/options/
2 KB
1 KB
Fetch
General
Full URL
https://livingflo.wpengine.com/wp-json/acf/v3/options/brand-identity
Requested by
Host: livingflo.com
URL: https://livingflo.com/static/js/main.c788ba07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.158.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
225.158.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
4052648ebe510b92915ca7ed0d1ae3f73b04d2685699fcf679d58c7e0cd17de6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
MISS
status
200
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
allow
GET
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
access-control-allow-methods
GET, POST, PUT, PATCH, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://livingflo.wpengine.com/wp-json/>; rel="https://api.w.org/"
main-menu
livingflo.wpengine.com/client/wp-json/wp/v2/
3 KB
1 KB
Fetch
General
Full URL
https://livingflo.wpengine.com/client/wp-json/wp/v2/main-menu
Requested by
Host: livingflo.com
URL: https://livingflo.com/static/js/main.c788ba07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.158.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
225.158.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
6e806e41813e39d5ea04fe11e57b838f97195d3aea720cb422e200735ef43332
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
MISS
status
200
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
allow
GET
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
access-control-allow-methods
GET, POST, PUT, PATCH, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://livingflo.wpengine.com/client/wp-json/>; rel="https://api.w.org/"
pages
livingflo.wpengine.com/client//wp-json/wp/v2/
4 KB
2 KB
Fetch
General
Full URL
https://livingflo.wpengine.com/client//wp-json/wp/v2/pages?slug=home&_embed
Requested by
Host: livingflo.com
URL: https://livingflo.com/static/js/main.c788ba07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.158.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
225.158.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
a1d6cb09eed19e8a6f79be4b0873e9e5c8de861caff4301304ec9d8d0ee40c42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
MISS
status
200
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
allow
GET
server
nginx
x-wp-totalpages
1
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
access-control-allow-methods
GET, POST, PUT, PATCH, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
x-wp-total
1
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://livingflo.wpengine.com/client/wp-json/>; rel="https://api.w.org/"
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRTP27X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1528
date
Wed, 07 Oct 2020 14:33:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 07 Oct 2020 16:33:40 GMT
383085_6_0.1553a189.woff2
livingflo.com/static/media/
31 KB
31 KB
Font
General
Full URL
https://livingflo.com/static/media/383085_6_0.1553a189.woff2
Requested by
Host: livingflo.com
URL: https://livingflo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
cac8c27795688632295ecdec0b089b539ff66db41596cde9e7128ce87c3542df

Request headers

Origin
https://livingflo.com
Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 21:04:30 GMT
server
Apache
status
200
etag
"8fc2c09-7a57-59005fc8f99c8-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
31342
383085_7_0.4f0bf84c.woff2
livingflo.com/static/media/
30 KB
30 KB
Font
General
Full URL
https://livingflo.com/static/media/383085_7_0.4f0bf84c.woff2
Requested by
Host: livingflo.com
URL: https://livingflo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
5c02ce112cb0ed71a311dd5ba47a1d3c7d96ebbf22a1b083e6103b7effc167b0

Request headers

Origin
https://livingflo.com
Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 21:04:31 GMT
server
Apache
status
200
etag
"8fc2c0f-78e3-59005fca0feed-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
30970
collect
www.google-analytics.com/j/
2 B
63 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=25551631&t=pageview&_s=1&dl=https%3A%2F%2Flivingflo.com%2F&ul=en-us&de=UTF-8&dt=Flo%C2%AE%20%7C%20Financial%20Freedom%20Redefined.%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2129018682&gjid=478177480&cid=1787158021.1602082748&tid=UA-125251041-1&_gid=1820393502.1602082748&_r=1&gtm=2wg9n1KRTP27X&z=298886567
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Oct 2020 14:59:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://livingflo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
449 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-125251041-1&cid=1787158021.1602082748&jid=2129018682&gjid=478177480&_gid=1820393502.1602082748&_u=YEBAAEAAAAAAAC~&z=755443358
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 07 Oct 2020 14:59:08 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://livingflo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
footer_sidebar
livingflo.wpengine.com/client/wp-json/acf/v3/options/custom-widgets/
634 B
948 B
Fetch
General
Full URL
https://livingflo.wpengine.com/client/wp-json/acf/v3/options/custom-widgets/footer_sidebar
Requested by
Host: livingflo.com
URL: https://livingflo.com/static/js/main.c788ba07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.158.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
225.158.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
6e436e9420fa28056c34d8e718a363d7d2b34da01dcb8a06f494187b43e4e1a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
MISS
status
200
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
allow
GET
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
access-control-allow-methods
GET, POST, PUT, PATCH, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://livingflo.wpengine.com/client/wp-json/>; rel="https://api.w.org/"
graph.bc5c3d83.svg
livingflo.com/static/media/
10 KB
2 KB
Image
General
Full URL
https://livingflo.com/static/media/graph.bc5c3d83.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
25960661ab1a5a58e4b7417b07021c311ceeaacbacee1c92a2698020c9aeceba

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 21:04:32 GMT
server
Apache
status
200
etag
"8fc2c18-28c6-59005fcbbf934-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
2128
graph-mobile.56df1120.svg
livingflo.com/static/media/
2 KB
837 B
Image
General
Full URL
https://livingflo.com/static/media/graph-mobile.56df1120.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
621c1cf3ed08bc8f26b48ea4662450ef49714793ea850e51a966d439ceed1c2c

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 21:04:30 GMT
server
Apache
status
200
etag
"8fc2c0d-6ca-59005fc9b328b-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
754
reservior.903b156c.svg
livingflo.com/static/media/
5 KB
2 KB
Image
General
Full URL
https://livingflo.com/static/media/reservior.903b156c.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
8732838e316c084541c1a7d7d2790584b1bc93d75c893914e4589c5f6a16e7f8

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 21:04:33 GMT
server
Apache
status
200
etag
"8fc2c19-1281-59005fcbd7804-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
1922
maxres1.jpg
img.youtube.com/vi/Q1cRJqxJAQ8/
42 KB
43 KB
Image
General
Full URL
https://img.youtube.com/vi/Q1cRJqxJAQ8/maxres1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17f7911b4820a8ff5a4e9a8873c6fbec4f40d1122ab019979cffa1ff2e7f74ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43474
x-xss-protection
0
expires
Wed, 07 Oct 2020 16:59:08 GMT
undefined
livingflo.com/
969 B
969 B
Image
General
Full URL
https://livingflo.com/undefined
Requested by
Host: livingflo.com
URL: https://livingflo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.55 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-55.ip.secureserver.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livingflo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:59:08 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 21:04:28 GMT
server
Apache
status
200
etag
"8fc2c00-3c9-59005fc7b890b-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
content-length
624

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function showDirectoryPicker
  • function showOpenFilePicker
  • function showSaveFilePicker
  • object trustedTypes
  • object dataLayer
  • object google_tag_manager
  • object __SECRET_EMOTION__
  • object __core-js_shared__
  • object FontAwesomeConfig
  • object ___FONT_AWESOME___
  • object google_tag_data
  • string GoogleAnalyticsObject
  • function ga
  • object gaplugins
  • object gaGlobal
  • object gaData

0 Cookies

2 Console Messages

Source | Level | URL | Text
console-api | log | https://livingflo.com/static/js/main.c788ba07.js (Line 1) | Content is cached for offline use.
console-api | log | https://livingflo.com/static/js/main.c788ba07.js (Line 1) | [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
