Submitted URL: https://payment.totalreturn-capital.com/
Effective URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Submission: On October 27 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 45 HTTP transactions. The main IP is 52.28.1.67, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is payment.totalreturn-capital.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on October 27th 2023. Valid for: a year.
This is the only time payment.totalreturn-capital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex domain              Subdomains                                                  Transfer
16        totalreturn-capital.com  payment.totalreturn-capital.com                             2 MB
14        elopage.com              fonts.elopage.com, api.elopage.com                          88 KB
3         amazonaws.com            elopage-storage-production.s3.eu-central-1.amazonaws.com    91 KB
2         nr-data.net              bam.nr-data.net (Cisco Umbrella Rank: 225)                  944 B
2         newrelic.com             js-agent.newrelic.com (Cisco Umbrella Rank: 562)            40 KB
2         facebook.net             connect.facebook.net (Cisco Umbrella Rank: 174)             89 KB
1         facebook.com             www.facebook.com (Cisco Umbrella Rank: 110)                 185 B
1         google.de                www.google.de (Cisco Umbrella Rank: 6862)                   408 B
1         doubleclick.net          stats.g.doubleclick.net (Cisco Umbrella Rank: 78)           265 B
1         google.com               region1.analytics.google.com (Cisco Umbrella Rank: 3040)    265 B
1         googletagmanager.com     www.googletagmanager.com (Cisco Umbrella Rank: 35)          90 KB
1         sentry.io                o407470.ingest.sentry.io                                    333 B
1         googleapis.com           ajax.googleapis.com (Cisco Umbrella Rank: 364)              31 KB
Total: 45 requests across 13 apex domains
Requests  Domain                                                     Requested by
16        payment.totalreturn-capital.com (1 redirect)               payment.totalreturn-capital.com
11        api.elopage.com                                            payment.totalreturn-capital.com
3         fonts.elopage.com                                          payment.totalreturn-capital.com
3         elopage-storage-production.s3.eu-central-1.amazonaws.com   payment.totalreturn-capital.com
2         bam.nr-data.net                                            api.elopage.com, payment.totalreturn-capital.com
2         js-agent.newrelic.com                                      api.elopage.com, payment.totalreturn-capital.com
2         connect.facebook.net                                       payment.totalreturn-capital.com, connect.facebook.net
1         www.facebook.com                                           payment.totalreturn-capital.com
1         www.google.de                                              payment.totalreturn-capital.com
1         stats.g.doubleclick.net                                    www.googletagmanager.com
1         region1.analytics.google.com                               www.googletagmanager.com
1         www.googletagmanager.com                                   payment.totalreturn-capital.com
1         o407470.ingest.sentry.io                                   payment.totalreturn-capital.com
1         ajax.googleapis.com                                        payment.totalreturn-capital.com
Total: 45 requests across 14 subdomains

This site contains no links.

TLS certificates

Subject                          Issuer                                       Validity                  Valid for
payment.totalreturn-capital.com  GeoTrust TLS RSA CA G1                       2023-10-27 - 2024-10-26   a year
*.s3.eu-central-1.amazonaws.com  Amazon RSA 2048 M01                          2023-10-10 - 2024-08-12   10 months
upload.video.google.com          GTS CA 1C3                                   2023-10-09 - 2024-01-01   3 months
*.elopage.com                    Amazon RSA 2048 M01                          2023-02-24 - 2024-03-24   a year
ingest.sentry.io                 DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-07-25 - 2024-08-24   a year
api.elopage.com                  Amazon RSA 2048 M01                          2023-04-10 - 2024-05-09   a year
*.facebook.com                   DigiCert SHA2 High Assurance Server CA       2023-08-05 - 2023-11-03   3 months
*.google-analytics.com           GTS CA 1C3                                   2023-10-09 - 2024-01-01   3 months
js-agent.newrelic.com            GlobalSign Atlas R3 DV TLS CA 2023 Q2        2023-04-13 - 2024-05-14   a year
*.g.doubleclick.net              GTS CA 1C3                                   2023-10-09 - 2024-01-01   3 months
www.google.de                    GTS CA 1C3                                   2023-10-09 - 2024-01-01   3 months
*.nr-data.net                    DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-09-29 - 2024-10-01   a year

This page contains 2 frames:

Primary Page: https://payment.totalreturn-capital.com/s/mhtotalreturn
Frame ID: 7E370057D6F30F386287DD2393E37B2D
Requests: 37 HTTP requests in this frame

Frame: https://api.elopage.com/hsm
Frame ID: 42E2E86400737A74B7399B8E8195531D
Requests: 3 HTTP requests in this frame

Page Title

mhtotalreturn

Detected technologies

Four technologies were detected, each with an overall confidence of 100%. The patterns matched were:
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
  • googletagmanager\.com/gtag/js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 45
HTTPS: 100 %
IPv6: 50 %
Domains: 13
Subdomains: 14
IPs: 14
Countries: 3
Transfer: 2021 kB
Size: 6860 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payment.totalreturn-capital.com/ HTTP 301
    https://payment.totalreturn-capital.com/s/mhtotalreturn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request mhtotalreturn
payment.totalreturn-capital.com/s/
Redirect Chain
  • https://payment.totalreturn-capital.com/
  • https://payment.totalreturn-capital.com/s/mhtotalreturn
142 KB
29 KB
Document
General
Full URL
https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx / Next.js
Resource Hash
a0e73e174cc21f9c4fd1984299695b518823843b9e2024725e7b42cfd56b2454
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
s-maxage=60, max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 13:42:44 GMT
etag
"6mc1sshp1e34ar"
server
nginx
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-powered-by
Next.js

Redirect headers

content-length
162
content-type
text/html
date
Fri, 27 Oct 2023 13:42:43 GMT
location
https://payment.totalreturn-capital.com/s/mhtotalreturn
server
nginx
strict-transport-security
max-age=15768000
0bc0287a2811cead.css
payment.totalreturn-capital.com/_next/static/css/
949 KB
166 KB
Stylesheet
General
Full URL
https://payment.totalreturn-capital.com/_next/static/css/0bc0287a2811cead.css
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2dfcbd8b72af77ce9d252cef9ae5485f56aeaa45f0a136a49027b8d50f3419c2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"ed4a6-18b6c006498"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
a81a23231da6ef13.css
payment.totalreturn-capital.com/_next/static/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://payment.totalreturn-capital.com/_next/static/css/a81a23231da6ef13.css
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4ab097a1bb8d5d55373de78dcf859b3914fd996b7705a8f91b25d40edf11d4f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"302a-18b6c006498"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-13bd4b9706830e71.js
payment.totalreturn-capital.com/_next/static/chunks/
12 KB
6 KB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/webpack-13bd4b9706830e71.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
16f0c955d0a0054e3fb881fed483078b36efe0dd2a4c6ef31ffd46cfbbec504a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"2f79-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
framework-8cbb90d1953e9520.js
payment.totalreturn-capital.com/_next/static/chunks/
137 KB
44 KB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/framework-8cbb90d1953e9520.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0834a38638bc21212da63c5160279d961a1a45bf43b4516f6b0a628c78975a94
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"224ba-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-f44ccff1bb02e984.js
payment.totalreturn-capital.com/_next/static/chunks/
118 KB
34 KB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/main-f44ccff1bb02e984.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ee33ed8995d697538f52dab8c5b527124095be6741185f1caabd47d27a7d68b7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"1d7b3-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app-05df3f0c0b2c170f.js
payment.totalreturn-capital.com/_next/static/chunks/pages/
4 MB
1 MB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3c071fa77cbeece157f0cfcd5df1830efef368aa0423eb88085f2a7374a359b0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"4115f8-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
2275-4eeb18298f8a28ac.js
payment.totalreturn-capital.com/_next/static/chunks/
140 KB
34 KB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/2275-4eeb18298f8a28ac.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d0359e391f617b22788501ca84f1262bd63680b88ef90fde0f2abe8a9ec53c88
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"22ed6-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
%5Busername%5D-971d03c0afe0f2be.js
payment.totalreturn-capital.com/_next/static/chunks/pages/s/
2 KB
1 KB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/pages/s/%5Busername%5D-971d03c0afe0f2be.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
417a1e1de02967ce983a5be8774f9e31afbe9a70145f98fa7e6fc8296855e565
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"6a0-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_buildManifest.js
payment.totalreturn-capital.com/_next/static/5-P22ibe5UqArLc07v5aG/
6 KB
2 KB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/5-P22ibe5UqArLc07v5aG/_buildManifest.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f04404269e0536f63470416a9a2674caa0b43528ad0448c661013625336fbc16
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"17fb-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_ssgManifest.js
payment.totalreturn-capital.com/_next/static/5-P22ibe5UqArLc07v5aG/
91 B
331 B
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/5-P22ibe5UqArLc07v5aG/_ssgManifest.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:41:36 GMT
server
nginx
etag
W/"5b-18b6c012400"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
91
3ru7T2VfJ73bkfBVM3R281XZ
elopage-storage-production.s3.eu-central-1.amazonaws.com/
58 KB
58 KB
Image
General
Full URL
https://elopage-storage-production.s3.eu-central-1.amazonaws.com/3ru7T2VfJ73bkfBVM3R281XZ
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
86132efbb217181a1c9a9462bd66118c80380a659ae6ab910c6af7e1f7a181a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 13:42:45 GMT
x-amz-version-id
tMWzBIK_YNm.aQ9gLYUds7gOQ8bi6V10
Last-Modified
Fri, 27 Oct 2023 11:15:47 GMT
Server
AmazonS3
x-amz-request-id
X7169033VK6DN2EM
ETag
"1c7c22bdedfd55f5fedf0d052d780c9c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
max-age=7200
Accept-Ranges
bytes
Content-Length
59121
x-amz-id-2
VViBkSs6ftG+ScLC4MkLNEJ9w+7Xk4NNG5dJLAiOqzEpG6/8j8gQ6mU8yM0CbhAJv+nLJFMExuE=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 22:23:48 GMT
fa-solid-900.ed22a484.woff2
payment.totalreturn-capital.com/_next/static/media/
134 KB
134 KB
Font
General
Full URL
https://payment.totalreturn-capital.com/_next/static/media/fa-solid-900.ed22a484.woff2
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/css/0bc0287a2811cead.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://payment.totalreturn-capital.com/_next/static/css/0bc0287a2811cead.css
Origin
https://payment.totalreturn-capital.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"21678-18b6c006498"
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
136824
GothaProMed.otf
fonts.elopage.com/woff/gotha-pro-med/
46 KB
30 KB
Font
General
Full URL
https://fonts.elopage.com/woff/gotha-pro-med/GothaProMed.otf
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/css/0bc0287a2811cead.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.227.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-79.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d6693cb498e2a4e05358475c986adfa058901ebc392a95e25d1a55a13406566

Request headers

Referer
https://payment.totalreturn-capital.com/
Origin
https://payment.totalreturn-capital.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
x-amz-version-id
80rcFm6qi2F1uUX2C3B0k_hwwQO_nmDz
content-encoding
gzip
via
1.1 c80b94673c56b595b4d6fe9bc222a57c.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Nov 2022 10:17:52 GMT
server
AmazonS3
etag
W/"dd3d9ca53a246950706e94726bb1403e"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
font/otf
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
V3vApLj4hepQZD7mUbI43d5u9qH0uImpBxUd6nRMqQysWoCHUibYHw==
raleway-v28-latin-regular.woff2
fonts.elopage.com/woff/raleway/
21 KB
21 KB
Font
General
Full URL
https://fonts.elopage.com/woff/raleway/raleway-v28-latin-regular.woff2
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/css/0bc0287a2811cead.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.227.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-79.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf

Request headers

Referer
https://payment.totalreturn-capital.com/
Origin
https://payment.totalreturn-capital.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
x-amz-version-id
oTpY5tcry5x5CToKBbFRLeQNr9KM2Ozy
via
1.1 c80b94673c56b595b4d6fe9bc222a57c.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
21280
last-modified
Tue, 01 Nov 2022 10:17:55 GMT
server
AmazonS3
etag
"16911581ab7ea10687a5aee74cbc5612"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
919YXzeSdk402WFURRk3pptcksKx0MSuznaiJo1iZaW59iiHwBAP-Q==
b21ba330599e19f674ffe0147a41965f87b4a0656bc65d7ced999fbf88ea50fe
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/eA3uyVWGTSCTtPH4jVzBQdHT/
2 KB
3 KB
Image
General
Full URL
https://elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/eA3uyVWGTSCTtPH4jVzBQdHT/b21ba330599e19f674ffe0147a41965f87b4a0656bc65d7ced999fbf88ea50fe
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f1d56c8ee504fe4617fde8372da702f2a31179becca597a613d7c1f4ea9ca0cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 13:42:45 GMT
x-amz-version-id
a2m23.Xew5BEJ4Mdhv_CCqN_ySUjCU5h
Last-Modified
Thu, 26 Oct 2023 15:39:30 GMT
Server
AmazonS3
x-amz-request-id
X71A1T3W8AP2TA3K
ETag
"0ade4ea59ee378a7d935208ade038fb9"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
max-age=7200
Accept-Ranges
bytes
Content-Length
2146
x-amz-id-2
5AgR+fc2r8lLnSXwfceK07Nf1Lgrr0kYG9ItcchaTIKG3bXHRQRDbaKyxgsEMdjHviJDoVTLGHU=
/
o407470.ingest.sentry.io/api/6599603/envelope/
2 B
333 B
Fetch
General
Full URL
https://o407470.ingest.sentry.io/api/6599603/envelope/?sentry_key=aafd9266a0544f6eb19d5fa618912e7e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.71.0
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payment.totalreturn-capital.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
hsm
api.elopage.com/ Frame 42E2
47 KB
16 KB
Document
General
Full URL
https://api.elopage.com/hsm
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3d82235901114eb2554e0822130103229a2da593d5453ad97a78a272c1c0a19e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payment.totalreturn-capital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 13:42:45 GMT
etag
W/"3d82235901114eb2554e082213010322"
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
0de30dcc-60ff-4488-93d4-d2fdbd423226
x-runtime
0.011574
x-xss-protection
1; mode=block
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/ Frame
0
0
Preflight
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
user-session-id
Access-Control-Request-Method
POST
Origin
https://payment.totalreturn-capital.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
user-session-id
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
access-control-max-age
1728000
date
Fri, 27 Oct 2023 13:42:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
fbevents.js
connect.facebook.net/en_US/
199 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
851e24d0eb8956c4a1b01a9118837f4a1b5a68a69eb0af0f858644240a07f785
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 27 Oct 2023 13:42:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53586
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
tgNEP+tgJnV8C65xvaHiKRinUNaqne6GMpcr9hY1//gY0JL9jCEPZv5lahx5zNwJ5hze3pP6fQxT/SUfISQTUQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
267 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y9PFX2096Q
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ffb8477f7533fb081a3a12b54881f04fc47f716983a16a6e9bfded7e905bca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91348
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 27 Oct 2023 13:42:45 GMT
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/
328 B
958 B
XHR
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef694b356f11bfd79228eb976e8a7823e3343f8d75bd1876112182763be03e2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

user-session-id
99e3e381-e429-4763-8cc2-62a1b58ac969
Accept
application/json, text/plain, */*
Content-Language
de
Referer
https://payment.totalreturn-capital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary7uDnQS2e6PyKVkwA

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
0158cfde-459c-4e42-b9e2-dc7a8f190b3f
x-runtime
0.030297
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"ef694b356f11bfd79228eb976e8a7823"
x-download-options
noopen
access-control-max-age
1728000
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/
329 B
961 B
XHR
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7e95a9b59861789e679c807c87b68c35efe2c401e762d594607a64c714e63ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

user-session-id
99e3e381-e429-4763-8cc2-62a1b58ac969
Accept
application/json, text/plain, */*
Content-Language
de
Referer
https://payment.totalreturn-capital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8XwMxMmQvyMawfqP

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
0278f675-feb1-4a71-aee9-d80f490a7fe3
x-runtime
0.023507
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"7e95a9b59861789e679c807c87b68c35"
x-download-options
noopen
access-control-max-age
1728000
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
view_logs
api.elopage.com/v1/common/
37 B
811 B
XHR
General
Full URL
https://api.elopage.com/v1/common/view_logs
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a9f6375548f25c6e2f8ce81799012f52e64bccbca9de501befac6a8e22a2e8bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

user-session-id
99e3e381-e429-4763-8cc2-62a1b58ac969
Accept
application/json, text/plain, */*
Content-Language
de
Referer
https://payment.totalreturn-capital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryIn6oB52emt4B6zOD

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
839e868b-f32f-4abf-994a-29ae95f0a659
x-runtime
0.023187
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"a9f6375548f25c6e2f8ce81799012f52"
x-download-options
noopen
access-control-max-age
1728000
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/ Frame
0
0
Preflight
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
user-session-id
Access-Control-Request-Method
POST
Origin
https://payment.totalreturn-capital.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
user-session-id
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
access-control-max-age
1728000
date
Fri, 27 Oct 2023 13:42:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
view_logs
api.elopage.com/v1/common/ Frame
0
0
Preflight
General
Full URL
https://api.elopage.com/v1/common/view_logs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
user-session-id
Access-Control-Request-Method
POST
Origin
https://payment.totalreturn-capital.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
user-session-id
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
access-control-max-age
1728000
date
Fri, 27 Oct 2023 13:42:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
roboto-v30-latin-regular.woff2
fonts.elopage.com/woff/roboto/
15 KB
16 KB
Font
General
Full URL
https://fonts.elopage.com/woff/roboto/roboto-v30-latin-regular.woff2
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/css/0bc0287a2811cead.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.227.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-79.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer
https://payment.totalreturn-capital.com/
Origin
https://payment.totalreturn-capital.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:46 GMT
x-amz-version-id
yDfyCH654WjqT0Z7fGUD9G_qEGuVbUOc
via
1.1 c80b94673c56b595b4d6fe9bc222a57c.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15744
last-modified
Tue, 01 Nov 2022 10:17:55 GMT
server
AmazonS3
etag
"15d9f621c3bd1599f0169dcf0bd5e63e"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
SrH_rhKyQmYbZPSKNtyCr1dJOzP8X5hRLdS6EcCfe9d8OIll3OHxgw==
d508b20ed2aead6dd1793323b66b7fa7e9666e6438a9dd788afad43d25251d21
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/eA3uyVWGTSCTtPH4jVzBQdHT/
30 KB
30 KB
Image
General
Full URL
https://elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/eA3uyVWGTSCTtPH4jVzBQdHT/d508b20ed2aead6dd1793323b66b7fa7e9666e6438a9dd788afad43d25251d21
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7bcdee51ed90f5a41eb366bfcbdd545b13736290590bf52e49f859f6626dfc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 13:42:46 GMT
x-amz-version-id
VSeHKKoaEnn7PTInGT27dnVKQLoYEa1f
Last-Modified
Thu, 26 Oct 2023 15:39:31 GMT
Server
AmazonS3
x-amz-request-id
02P4SRHEVDFQQD1Z
ETag
"fbb1e471a69b7ced118508a51b1922c9"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
max-age=7200
Accept-Ranges
bytes
Content-Length
30548
x-amz-id-2
ZewkmBbcR7iA041lb5BuGOT7O186idaRVdj/1kOtrNj7miJ7O6EJ78bCIdmsWR2rz6x0wES1oCs=
%5B%5B...slug%5D%5D-960ff55a4cb0c3ef.js
payment.totalreturn-capital.com/_next/static/chunks/pages/s/%5Busername%5D/%5BproductId%5D/
0
1 KB
Other
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/pages/s/%5Busername%5D/%5BproductId%5D/%5B%5B...slug%5D%5D-960ff55a4cb0c3ef.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/main-f44ccff1bb02e984.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"917-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
nr-full-1.246.0.min.js
js-agent.newrelic.com/ Frame 42E2
72 KB
25 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-full-1.246.0.min.js
Requested by
Host: api.elopage.com
URL: https://api.elopage.com/hsm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2db519fc82183a0b68c1a41724332e9d28bfdd5fd0433a1a4055b95c09e53310
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.elopage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
pdAr4wQqBW2beoyPX3ckfg7gIDlXlDkG
content-encoding
br
via
1.1 varnish
date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=300
x-amz-request-id
442QNWMEER8YSX4Q
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
24566
x-amz-id-2
qHul6v/TjZfWK5xdDuPflKLqKd8XUhO1nFbW+Y2bQLgQLYOJy1QMYVL9YAi4fUJdEX5ebeP+si0=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Tue, 24 Oct 2023 13:50:56 GMT
server
AmazonS3
x-timer
S1698414165.292294,VS0,VE0
etag
"9611904aec7ebb402e37e0764e131525"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
36630
748498073105896
connect.facebook.net/signals/config/
138 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/748498073105896?v=2.9.135&r=c2&domain=payment.totalreturn-capital.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d56c2d7fc9b3c6f140d5df4e962d6af79728d4373af46aac59bdcadb3e918b0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 27 Oct 2023 13:42:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
0L4+Pvjf4b3AxJ5gHL709CD7KkLVPz+b+nWy46n4Bq+4BCqaRO7NxfEXP9NLafPHSGeThiPkbKXRumthUx6wpw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/
382 B
993 B
XHR
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d992583397b0105564cba30e582b8b15ba42e1f3852b774468012f8bf09c7870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

user-session-id
99e3e381-e429-4763-8cc2-62a1b58ac969
Accept
application/json, text/plain, */*
Content-Language
de
Referer
https://payment.totalreturn-capital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryIsqNixuhzZOpJteZ

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
da0810a3-25d3-4b48-9047-e98103a3fa57
x-runtime
0.022244
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"d992583397b0105564cba30e582b8b15"
x-download-options
noopen
access-control-max-age
1728000
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/ Frame
0
0
Preflight
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
user-session-id
Access-Control-Request-Method
POST
Origin
https://payment.totalreturn-capital.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
user-session-id
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
access-control-max-age
1728000
date
Fri, 27 Oct 2023 13:42:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
collect
region1.analytics.google.com/g/
0
265 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Y9PFX2096Q&gtm=45je3ap0v892275192&_p=441876432&_gaz=1&gcd=11l1l1l1l1&cid=933375569.1698414165&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1698414165&sct=1&seg=0&dl=https%3A%2F%2Fpayment.totalreturn-capital.com%2Fs%2Fmhtotalreturn&dt=mhtotalreturn&en=scroll&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=true&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9PFX2096Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 13:42:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.totalreturn-capital.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
265 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y9PFX2096Q&cid=933375569.1698414165&gtm=45je3ap0v892275192&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9PFX2096Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 13:42:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.totalreturn-capital.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y9PFX2096Q&cid=933375569.1698414165&gtm=45je3ap0v892275192&aip=1&z=272224379
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 13:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%5B%5B...slug%5D%5D-960ff55a4cb0c3ef.js
payment.totalreturn-capital.com/_next/static/chunks/pages/s/%5Busername%5D/%5BproductId%5D/
2 KB
1 KB
Script
General
Full URL
https://payment.totalreturn-capital.com/_next/static/chunks/pages/s/%5Busername%5D/%5BproductId%5D/%5B%5B...slug%5D%5D-960ff55a4cb0c3ef.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/main-f44ccff1bb02e984.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5e06421a8406d73b83f5537fbf50132ee72c348b6144ae8e2855ccac4d910288
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"917-18b6c006498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
a81a23231da6ef13.css
payment.totalreturn-capital.com/_next/static/css/
12 KB
2 KB
Fetch
General
Full URL
https://payment.totalreturn-capital.com/_next/static/css/a81a23231da6ef13.css
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.1.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4ab097a1bb8d5d55373de78dcf859b3914fd996b7705a8f91b25d40edf11d4f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://payment.totalreturn-capital.com/s/mhtotalreturn
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=production,sentry-release=5-P22ibe5UqArLc07v5aG,sentry-public_key=aafd9266a0544f6eb19d5fa618912e7e,sentry-trace_id=028361d5d78441d6a638bf1a58804024,sentry-transaction=%2Fs%2F%5Busername%5D,sentry-sampled=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
sentry-trace
028361d5d78441d6a638bf1a58804024-89832300e9115c44-0

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Thu, 26 Oct 2023 12:40:47 GMT
server
nginx
etag
W/"302a-18b6c006498"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
81380ed1db
bam.nr-data.net/1/ Frame 42E2
40 B
464 B
XHR
General
Full URL
https://bam.nr-data.net/1/81380ed1db?a=17287220&v=1.246.0&to=cVxXRhdZVFlWRBlTWkJHQB0WU0tGWllY&rst=357&ck=0&s=5877aebb39eb0617&ref=https://api.elopage.com/hsm&af=err,xhr,stn,ins&ap=12&be=120&fe=142&dc=140&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1698414164977,%22n%22:0,%22f%22:46,%22dn%22:72,%22dne%22:72,%22c%22:72,%22s%22:78,%22ce%22:88,%22rq%22:88,%22rp%22:121,%22rpe%22:123,%22di%22:260,%22ds%22:260,%22de%22:260,%22dc%22:261,%22l%22:261,%22le%22:262%7D,%22navigation%22:%7B%7D%7D
Requested by
Host: api.elopage.com
URL: https://api.elopage.com/hsm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer
https://api.elopage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 27 Oct 2023 13:42:45 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://api.elopage.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
81cb5d360c7090e0-FRA
Content-Length
40
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/ Frame
0
0
Preflight
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
user-session-id
Access-Control-Request-Method
POST
Origin
https://payment.totalreturn-capital.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
user-session-id
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
access-control-max-age
1728000
date
Fri, 27 Oct 2023 13:42:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=748498073105896&ev=PageView&dl=https%3A%2F%2Fpayment.totalreturn-capital.com%2Fs%2Fmhtotalreturn&rl=&if=false&ts=1698414165362&sw=1600&sh=1200&v=2.9.135&r=c2&ec=0&o=30&fbp=fb.1.1698414165360.189217538&cs_est=true&ler=empty&it=1698414165255&coo=false&rqm=GET
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 27 Oct 2023 13:42:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
tracking_log
api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/
488 B
1 KB
XHR
General
Full URL
https://api.elopage.com/v1/shop/mhtotalreturn/tracking_codes/tracking_log
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-67.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
73f3eb145ce4ff87d77666b60c924ce1c274871ed3178b4372614e8dd4c47e70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

user-session-id
99e3e381-e429-4763-8cc2-62a1b58ac969
Accept
application/json, text/plain, */*
Content-Language
de
Referer
https://payment.totalreturn-capital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarysFpKe3sbFti8NBrG

Response headers

date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
2595ba2f-4d46-4eb4-9036-4f21fc9dbbbd
x-runtime
0.040024
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"73f3eb145ce4ff87d77666b60c924ce1"
x-download-options
noopen
access-control-max-age
1728000
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://payment.totalreturn-capital.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
nr-rum-1.246.0.min.js
js-agent.newrelic.com/
44 KB
16 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-rum-1.246.0.min.js
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/s/mhtotalreturn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66a7fe004168863286a13398e307b82f6eba536085b788a391addbf7fb88d42c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.totalreturn-capital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
M35HGbCYaXNoGlYCvB9E9da9dqJbORR1
content-encoding
br
via
1.1 varnish
date
Fri, 27 Oct 2023 13:42:45 GMT
strict-transport-security
max-age=300
x-amz-request-id
SPSQRHJHXFP9B0AG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15673
x-amz-id-2
lFkNsL5qvkplE9MCwPHKlCxaB4FR14fXsGWgSlIeBuq3t0mNm79D52pjlRS2SX35OLIksYLj5Zg=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Tue, 24 Oct 2023 13:50:56 GMT
server
AmazonS3
x-timer
S1698414165.399733,VS0,VE0
etag
"a149acc96c041ef8c200c297dc1d93b9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
64323
81380ed1db
bam.nr-data.net/1/
40 B
480 B
XHR
General
Full URL
https://bam.nr-data.net/1/81380ed1db?a=1545721793&v=1.246.0&to=ZVZbZhdXVkZSVUJfWFwcblcHcEpUXlNBWUVZZktbSnhdTUdcRRlwd2cWHRYZY0BAU0RYVl9WZA%3D%3D&rst=1793&ck=0&s=b5a94e8b4525f3a8&ref=https://payment.totalreturn-capital.com/s/mhtotalreturn&tt=fc6475170471e859&ap=818.232164&be=912&fe=859&dc=445&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1698414163627,%22n%22:0,%22re%22:62,%22f%22:62,%22dn%22:62,%22dne%22:62,%22c%22:62,%22s%22:62,%22ce%22:62,%22rq%22:63,%22rp%22:913,%22rpe%22:922,%22di%22:1060,%22ds%22:1357,%22de%22:1357,%22dc%22:1770,%22l%22:1770,%22le%22:1771%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1041&fcp=1041
Requested by
Host: payment.totalreturn-capital.com
URL: https://payment.totalreturn-capital.com/_next/static/chunks/pages/_app-05df3f0c0b2c170f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer
https://payment.totalreturn-capital.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 27 Oct 2023 13:42:45 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://payment.totalreturn-capital.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
81cb5d3659871db1-FRA
Content-Length
40


34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | documentPictureInPicture
object | NREUM
object | webpackChunk:NRBA-1.246.0.PROD
object | newrelic
function | $
function | jQuery
object | webpackChunk_N_E
function | __next_require__
object | next
object | __NEXT_DATA__
function | __SSG_MANIFEST_CB
object | __NEXT_P
object | _N_E
object | __SENTRY__
undefined | __sentryRewritesTunnelPath__
object | SENTRY_RELEASE
string | __rewriteFramesAssetPrefixPath__
number | __mobxInstanceCount
object | __mobxGlobals
number | 2f1acc6c3a606b082e5eef5e54414ffb
function | __NEXT_PRELOADREADY
object | __MIDDLEWARE_MATCHERS
object | __BUILD_MANIFEST
object | __SSG_MANIFEST
function | fbq
function | _fbq
object | google_tag_manager
object | google_tag_data
object | dataLayer
function | gtag
function | onYouTubeIframeAPIReady
boolean | IS_GA_INITIALIZE
object | gaGlobal

8 Cookies

Domain/Path Name / Value
payment.totalreturn-capital.com/ Name: p_user-session-id
Value: 99e3e381-e429-4763-8cc2-62a1b58ac969
.payment.totalreturn-capital.com/ Name: p_cabinet_profile_type
Value: shop
.payment.totalreturn-capital.com/ Name: p_clicker_token
Value: udwg1oqdu6
.elopage.com/ Name: p_cabinet_profile_type
Value: shop
.elopage.com/ Name: p_clicker_token
Value: udwg1oqdu6
.totalreturn-capital.com/ Name: _ga
Value: GA1.1.933375569.1698414165
.totalreturn-capital.com/ Name: _fbp
Value: fb.1.1698414165360.189217538
.totalreturn-capital.com/ Name: _ga_Y9PFX2096Q
Value: GS1.1.1698414165.1.0.1698414165.60.0.0

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
