urlscan.io logo urlscan.io
SecurityTrails logo

www.totalflow.company Open in urlscan Pro
3.13.177.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://totalflow.company/
Effective URL: https://www.totalflow.company/storeclosed
Submission: On July 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 3.13.177.195, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.totalflow.company.
TLS certificate: Issued by R10 on July 3rd 2024. Valid for: 3 months.
This is the only time www.totalflow.company was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 3.13.177.195 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 172.67.22.83 13335 (CLOUDFLAR...)
1 151.101.192.176 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.160.150.20 16509 (AMAZON-02)
19 7
13    3.13.177.195 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-177-195.us-east-2.compute.amazonaws.com
totalflow.company
www.totalflow.company
www.totalflow.shop
1    2600:9000:2251:de00:f:6dc5:9bc8:f821 (United States)

ASN16509 (AMAZON-02, US)
d0.awsstatic.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    172.67.22.83 (United States)

ASN13335 (CLOUDFLARENET, US)
apps.elfsight.com
static.elfsight.com
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.160.150.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-20.fra60.r.cloudfront.net
js.stripe.com
Apex Domain
Subdomains		 Transfer
12 totalflow.company
totalflow.company
www.totalflow.company
342 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
151 KB
2 elfsight.com
apps.elfsight.com — Cisco Umbrella Rank: 32775
static.elfsight.com — Cisco Umbrella Rank: 20466
17 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 awsstatic.com
d0.awsstatic.com — Cisco Umbrella Rank: 190136
4 KB
1 totalflow.shop
www.totalflow.shop
4 KB
19 7
Domain Requested by
11 www.totalflow.company 1 redirects www.totalflow.company
2 fonts.gstatic.com fonts.googleapis.com
2 js.stripe.com www.totalflow.company
js.stripe.com
2 fonts.googleapis.com www.totalflow.company
1 static.elfsight.com www.totalflow.company
1 apps.elfsight.com 1 redirects
1 d0.awsstatic.com www.totalflow.company
1 www.totalflow.shop www.totalflow.company
1 totalflow.company 1 redirects
19 9

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.pinterest.com
www.instagram.com
Subject Issuer Validity Valid
www.totalflowusa.com
R10		 2024-07-03 -
2024-10-01		 3 months crt.sh
d0.awsstatic.com
Amazon RSA 2048 M03		 2024-04-05 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.totalflow.company/storeclosed
Frame ID: 038C3590582148429AE7C9792D906171
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 41C02EF81D6F885DC95F8D843C3E1321
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Store closed|

Page URL History Show full URLs

  1. https://totalflow.company/ HTTP 301
    https://www.totalflow.company/ HTTP 302
    https://www.totalflow.company/storeclosed Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

43 %
IPv6

7
Domains

9
Subdomains

7
IPs

2
Countries

585 kB
Transfer

1764 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://totalflow.company/ HTTP 301
    https://www.totalflow.company/ HTTP 302
    https://www.totalflow.company/storeclosed Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://apps.elfsight.com/p/platform.js HTTP 301
  • https://static.elfsight.com/platform/platform.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request storeclosed
www.totalflow.company/
Redirect Chain
  • https://totalflow.company/
  • https://www.totalflow.company/
  • https://www.totalflow.company/storeclosed
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
23f2d5da476e12ad329c81b54ea2c6a59b90ab3404d6845769ff7001af6d828e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
br
content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 10:23:30 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
pragma
no-cache
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-miniprofiler-ids
["e2ad3ae5-cab4-4ca9-8486-3837a24fe627"]
x-xss-protection
1; mode=block

Redirect headers

content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
date
Mon, 15 Jul 2024 10:23:30 GMT
location
/storeclosed
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-miniprofiler-ids
["157d5936-5da1-4126-bcf0-4db37ad3250f"]
x-xss-protection
1; mode=block
venture-font.woff
www.totalflow.company/Themes/Venture/Content/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.company/Themes/Venture/Content/fonts/venture-font.woff
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/storeclosed
Origin
https://www.totalflow.company
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:30 GMT
etag
"1d947978cae1968"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
10728
x-xss-protection
1; mode=block
9hwk-3fxyidlkwcf2locmw.styles.css
www.totalflow.company/css/ 		262 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.company/css/9hwk-3fxyidlkwcf2locmw.styles.css?v=2w0PUATjAEoCV4UhJt7F71ygHcE
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9cdfca5aa57e35bf729983ef75669bad136cfd744f2ba578e7e658675c70982e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/storeclosed
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Wed, 27 Dec 2023 03:08:44 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:30 GMT
referrer-policy
same-origin
etag
"2w0PUATjAEoCV4UhJt7F71ygHcE"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
0016817_TOTALFLOW.jpeg
www.totalflow.shop/images/thumbs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.shop/images/thumbs/0016817_TOTALFLOW.jpeg
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
39f79be37387dadf2af10e7e930108447a4d407ae3f6362a92670303888a36d8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/avif
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
content-length
3553
x-xss-protection
1; mode=block
VMAD.png.webp
www.totalflow.company/images/uploaded/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.company/images/uploaded/VMAD.png.webp
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
aae65f38e6f32d400fc3be3e7052207d773287da40a134b107ba7c0102c13fc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/storeclosed
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 16 Dec 2022 12:52:53 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:30 GMT
etag
"1d9114d4f9d142a"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
21674
x-xss-protection
1; mode=block
USAF.png.webp
www.totalflow.company/images/uploaded/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.company/images/uploaded/USAF.png.webp
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3d87fef583d2017cf9a8bac133fabe517fcf1897bbf09a2b9a23af245fc06db5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/storeclosed
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 16 Dec 2022 12:52:52 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:30 GMT
etag
"1d9114d4f04a6e6"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
3302
x-xss-protection
1; mode=block
powered-by-aws-white.png
d0.awsstatic.com/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d0.awsstatic.com/logos/powered-by-aws-white.png
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:de00:f:6dc5:9bc8:f821 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
764532442dcbaa3b49cf400314d8d82697802c2a4d7caefee845be91a2ec9c5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-sha1
84e327ff56180cce3616c360143e2d92910f6296
x-amz-version-id
_5mTEAvqnxUyCxF3OphbWiYO._y73K8H
date
Mon, 15 Jul 2024 07:02:38 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
12060
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
3151
last-modified
Tue, 03 Oct 2017 21:31:58 GMT
server
AmazonS3
etag
"96c7fe68f885c20c1a868b40f7d9dc16"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
X-UiBxfRd9MqPuzY-PrJiJD7WEp7AKWzup36yDUCg1H9l6wGp6JGPw==
css
fonts.googleapis.com/ 		1 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 10:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 10:16:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 10:23:30 GMT
css
fonts.googleapis.com/ 		761 B
456 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 10:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 10:23:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 10:23:30 GMT
platform.js
static.elfsight.com/platform/
Redirect Chain
  • https://apps.elfsight.com/p/platform.js
  • https://static.elfsight.com/platform/platform.js
48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H3
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 10:23:30 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000005ce1cef2e62d911c-0066850a00-5cc45812-sfo2a
age
2084
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 11 Jun 2024 05:32:12 GMT
server
cloudflare
etag
W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
8a3909999f3a6958-FRA

Redirect headers

date
Mon, 15 Jul 2024 10:23:30 GMT
strict-transport-security
max-age=0
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://static.elfsight.com/platform/platform.js
cache-control
max-age=3600
cf-ray
8a3909994ef76958-FRA
alt-svc
h3=":443"; ma=86400
content-length
167
expires
Mon, 15 Jul 2024 11:23:30 GMT
9zoylgbnvryeyexla2bcdq.scripts.js
www.totalflow.company/js/ 		699 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.company/js/9zoylgbnvryeyexla2bcdq.scripts.js?v=Y8QzlKuW5rXtIgOdftkbkylpPNI
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5c30d452186df974e78130458a151d9afa07b5c5742dcdf482600d476c68fa3e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/storeclosed
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Thu, 12 Oct 2023 17:07:24 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:30 GMT
referrer-policy
same-origin
etag
"Y8QzlKuW5rXtIgOdftkbkylpPNI"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
jquery.maskedinput.min.js
www.totalflow.company/Plugins/FoxNetSoft.PhoneNumberMask/Scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.company/Plugins/FoxNetSoft.PhoneNumberMask/Scripts/jquery.maskedinput.min.js?v=ZII3BQj_S3l2y0b1pFtX7GAGW3U
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
828007f4e370135715804211afc57dd58f3bbf12b68a9444b10c0ee2911c2b19
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/storeclosed
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Fri, 28 Apr 2017 11:58:11 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:30 GMT
referrer-policy
same-origin
etag
"ZII3BQj_S3l2y0b1pFtX7GAGW3U"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
/
js.stripe.com/v3/ 		622 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/storeclosed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3166eecdcbf2e0e9c156c45526150bc3b181462cf76777fcff39c0829eda4959
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Jul 2024 10:23:30 GMT
via
1.1 varnish
age
5
x-cache
HIT
content-length
154550
x-request-id
16c5c6b1-62bb-473a-b556-d254ff9ee8be
x-served-by
cache-fra-etou8220048-FRA
last-modified
Fri, 12 Jul 2024 20:19:25 GMT
server
Fastly
etag
"8d70d579ba2b8df39256290c4ac00be8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
search-button.svg
www.totalflow.company/Themes/Venture/Content/img/ 		949 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.company/Themes/Venture/Content/img/search-button.svg
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/css/9hwk-3fxyidlkwcf2locmw.styles.css?v=2w0PUATjAEoCV4UhJt7F71ygHcE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/css/9hwk-3fxyidlkwcf2locmw.styles.css?v=2w0PUATjAEoCV4UhJt7F71ygHcE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:31 GMT
etag
"1d947978cae3335"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
949
x-xss-protection
1; mode=block
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalflow.company
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:56:54 GMT
x-content-type-options
nosniff
age
501998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 14:56:54 GMT
subscribe-button.svg
www.totalflow.company/Themes/Venture/Content/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.totalflow.company/Themes/Venture/Content/img/subscribe-button.svg
Requested by
Host: www.totalflow.company
URL: https://www.totalflow.company/css/9hwk-3fxyidlkwcf2locmw.styles.css?v=2w0PUATjAEoCV4UhJt7F71ygHcE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/css/9hwk-3fxyidlkwcf2locmw.styles.css?v=2w0PUATjAEoCV4UhJt7F71ygHcE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 23 Feb 2023 15:00:21 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:31 GMT
etag
"1d947978cae342a"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
1194
x-xss-protection
1; mode=block
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalflow.company
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:48:28 GMT
x-content-type-options
nosniff
age
502504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44584
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 14:48:28 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 41C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-20.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1006
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 10:06:48 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 12 Jul 2024 20:02:25 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-id
2rxjOoRTM9eXBVBjXeNpNFiLwNV5lP4LthaEG5Xyk2o-Ua2FYuhlkw==
x-amz-cf-pop
FRA60-P7
x-amz-meta-origin-agent-cluster
?1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.ico
www.totalflow.company/icons/icons_0/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.totalflow.company/icons/icons_0/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.13.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-177-195.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5c75565675be05493e398afd032b5674098e0873b435e4218607f0d1127acb1f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.totalflow.company/storeclosed
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 21 May 2023 06:44:22 GMT
server
Microsoft-IIS/10.0
date
Mon, 15 Jul 2024 10:23:33 GMT
etag
"1d98bafacdf637e"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
1150
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| OpenWindow function| setLocation function| displayAjaxLoading function| displayPopupNotification function| displayJoinedPopupNotifications function| displayPopupContentFromUrl function| displayBarNotification function| htmlEncode function| htmlDecode function| addAntiForgeryToken object| AjaxCart function| createCombinationsBehavior object| cookieHelper function| $ function| jQuery object| kendo object| sevenSpikesCore object| CatalogProducts object| nopAjaxCart object| sevenSpikesThemeModules function| sevenSpikesTheme object| webpackChunkStripeJSouter function| noop function| Stripe function| fnssavecustomertracking object| localized_data function| newsletter_subscribe function| fnsPhoneNumberMask object| __core-js_shared__ object| core object| eapps

6 Cookies

Domain/Path Name / Value
www.totalflow.company/ Name: .Nop.Customer
Value: c4be6bca-ac22-4f7b-83e3-74b9098d861d
www.totalflow.company/ Name: .Nop.Culture
Value: c%3Den-US%7Cuic%3Den-US
www.totalflow.company/ Name: .Nop.Antiforgery
Value: CfDJ8PcmSdZ5Yv5GjW0jTN4jNATkUBleCdkob_NcrwxgfBnTfJTyhjPrE39VisuMWhQ1NZDftLaugEi2qsdHhnhbtaHhddU5wVeA6wfGcD3PKfQCeOHnsDfHerAi4Je5RnZke78yyUtFy6-X4E5xqGxgtGA
m.stripe.com/ Name: m
Value: 33e59f0c-2b88-4dd7-aad1-0a8794efd21c8b0585
.www.totalflow.company/ Name: __stripe_mid
Value: 5e239de8-c6c7-4d27-811e-8b2fa898bd3ec04d58
.www.totalflow.company/ Name: __stripe_sid
Value: a122b6e3-86ad-4430-b970-e3573a8d96fab9056a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.elfsight.com
d0.awsstatic.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
static.elfsight.com
totalflow.company
www.totalflow.company
www.totalflow.shop
151.101.192.176
172.67.22.83
2600:9000:2251:de00:f:6dc5:9bc8:f821
2a00:1450:4001:803::2003
2a00:1450:4001:812::200a
3.13.177.195
3.160.150.20
23f2d5da476e12ad329c81b54ea2c6a59b90ab3404d6845769ff7001af6d828e
3166eecdcbf2e0e9c156c45526150bc3b181462cf76777fcff39c0829eda4959
39f79be37387dadf2af10e7e930108447a4d407ae3f6362a92670303888a36d8
3d87fef583d2017cf9a8bac133fabe517fcf1897bbf09a2b9a23af245fc06db5
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
5c30d452186df974e78130458a151d9afa07b5c5742dcdf482600d476c68fa3e
5c75565675be05493e398afd032b5674098e0873b435e4218607f0d1127acb1f
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
764532442dcbaa3b49cf400314d8d82697802c2a4d7caefee845be91a2ec9c5c
828007f4e370135715804211afc57dd58f3bbf12b68a9444b10c0ee2911c2b19
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
9cdfca5aa57e35bf729983ef75669bad136cfd744f2ba578e7e658675c70982e
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
aae65f38e6f32d400fc3be3e7052207d773287da40a134b107ba7c0102c13fc7
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772