elfontheshelf.com Open in urlscan Pro
18.66.248.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://elfontheshelf.com/
Effective URL:
https://elfontheshelf.com/
Submission: On December 05 via manual (December 5th 2023, 1:49:18 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 42 HTTP transactions. The main IP is 18.66.248.90, located in United States and belongs to AMAZON-02, US. The main domain is elfontheshelf.com. The Cisco Umbrella rank of the primary domain is 190987.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 13th 2023. Valid for: a year.

This is the only time elfontheshelf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.66.248.14 18.66.248.14	16509 (AMAZON-02) (AMAZON-02)
6	18.66.248.90 18.66.248.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
16	18.66.248.4 18.66.248.4	16509 (AMAZON-02) (AMAZON-02)
1	52.0.200.16 52.0.200.16	14618 (AMAZON-AES) (AMAZON-AES)
7	2606:4700:440... 2606:4700:4400::ac40:936c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	108.157.4.80 108.157.4.80	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
42	11

1 18.66.248.14 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-14.dus51.r.cloudfront.net

elfontheshelf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net

elfontheshelf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.248.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-4.dus51.r.cloudfront.net

media.elfontheshelf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.200.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: privo.com

privohub.privo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:936c (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.80 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-80.dus51.r.cloudfront.net

uyc31i9b5j.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	elfontheshelf.com 1 redirects elfontheshelf.com — Cisco Umbrella Rank: 190987 media.elfontheshelf.com — Cisco Umbrella Rank: 233899	1 MB
7	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7128	103 KB
3	gstatic.com fonts.gstatic.com	120 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	259 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	300 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 548	303 B
1	amazonaws.com uyc31i9b5j.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 460670	457 B
1	privo.com privohub.privo.com — Cisco Umbrella Rank: 137049	66 KB
42	9

	Domain	Requested by
16	media.elfontheshelf.com	elfontheshelf.com
7	cookie-cdn.cookiepro.com	elfontheshelf.com cookie-cdn.cookiepro.com
7	elfontheshelf.com	1 redirects elfontheshelf.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	elfontheshelf.com www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.googleapis.com	elfontheshelf.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	uyc31i9b5j.execute-api.us-east-1.amazonaws.com	media.elfontheshelf.com
1	privohub.privo.com	elfontheshelf.com
42	10

This site contains links to these domains. Also see Links.

Domain
www.santasnorthpole.com
shop.elfontheshelf.com
web.roblox.com
lumistella.com
portal.ccaandb.com
privo.com
cookiepedia.co.uk
www.cookiepro.com

Subject Issuer	Validity	Valid
*.elfontheshelf.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
privo.com Amazon RSA 2048 M02	`2023-09-01` - `2024-09-30`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-02-08` - `2024-03-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://elfontheshelf.com/
Frame ID: DD5871037DD825FE8706F9FB53CBDE95
Requests: 43 HTTP requests in this frame

Frame: https://elfontheshelf.com/wp-content/themes/eots2020/assets/images/logo.svg
Frame ID: 9D5EE4B03B3999E9C84AB59E7624750D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Elf on the Shelf | A Christmas Tradition

Page URL History Show full URLs

http://elfontheshelf.com/ HTTP 301
https://elfontheshelf.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

42
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

1943 kB
Transfer

3126 kB
Size

6
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.santasnorthpole.com/?from=rolegate
Title: Kids

Search URL Search Domain Scan URL

URL: https://www.santasnorthpole.com/
Title: Kids

Search URL Search Domain Scan URL

URL: https://shop.elfontheshelf.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://shop.elfontheshelf.com/collections/elf-mates/?from=hpblock

Search URL Search Domain Scan URL

URL: http://www.santasnorthpole.com/?from=hpblock

Search URL Search Domain Scan URL

URL: https://web.roblox.com/games/7581658375

Search URL Search Domain Scan URL

URL: https://shop.elfontheshelf.com/?from=hpblock

Search URL Search Domain Scan URL

URL: https://lumistella.com/?from=eotssite
Title: Corporate Information

Search URL Search Domain Scan URL

URL: https://portal.ccaandb.com/NewAccount.aspx
Title: Sales Inquiries

Search URL Search Domain Scan URL

URL: http://privo.com/privo-site-validation/?company=343

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://elfontheshelf.com/ HTTP 301
https://elfontheshelf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
elfontheshelf.com/
Redirect Chain

http://elfontheshelf.com/
https://elfontheshelf.com/

46 KB
11 KB

45ms
23ms

Document
text/html

18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fba29e92ba6f6b66a503d528cfbaf21c842c5e6f39b21c8d130e46689b409280

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62214
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 20:32:19 GMT
etag: W/"b852cb92a401e13e9506727ce5ef9f37"
last-modified: Mon, 04 Dec 2023 20:31:49 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-amz-cf-id: -DNTG4nWF2TzKd32Inh7ZLlwRCIcg0thF6WsJJbx5j4VGzzcXlNiHw==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Tue, 05 Dec 2023 13:49:12 GMT
Location: https://elfontheshelf.com/
Server: CloudFront
Via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: kTeExd6qXY3NfdUdaQgSY_vGt_Z1WFnWBKoZRPEEvP2ZCBZtyXdmSw==
X-Amz-Cf-Pop: DUS51-P1
X-Cache: Redirect from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
839 B 181ms
60ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Courgette&family=Delius&display=swap

Requested by

Host: elfontheshelf.com
URL: https://elfontheshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5a8aaba299d2e0e40b26e42402b78c4685d46efe17adc99da130be5eee056f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 13:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:49:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 13:49:13 GMT

GET
H2 200 style.css
elfontheshelf.com/wp-content/themes/eots2020/ 179 KB
30 KB 11ms
11ms Stylesheet
text/css 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elfontheshelf.com/wp-content/themes/eots2020/style.css?ver=1.2.22
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72fa3ec86fc738e363503042c90732e387b2673372332d67eb09fa7331cb9367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:32:15 GMT
content-encoding: gzip
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 20:31:52 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 62218
etag: W/"1dd5f1397e6d1b83874d55be2e766e2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: c2SEf3YyEhgG6uSgerD2p-PrZGnezxewslnYo4mtyoDc3_SlDD2Q3w==

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 185ms
65ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Barlow+Condensed:ital,wght@0,500;1,500

Requested by

Host: elfontheshelf.com
URL: https://elfontheshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c931f61f57e7ec99601012169c72b99c3ea9176b5addc5618adca7464379bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 13:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:49:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 13:49:13 GMT

GET
H2 200 embed.min.js Show response
media.elfontheshelf.com/libraries/role-gate/ 13 KB
5 KB 74ms
10ms Script
application/javascript 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.elfontheshelf.com/libraries/role-gate/embed.min.js?1
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f2753c195c17ccf4e1b5fab13061b747e027e1e339c9da5fe5b56b57af5edac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: J3nEblrZU.BNjy5x0TWXsZIURZZs9NZd
content-encoding: gzip
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 19:38:49 GMT
x-amz-cf-pop: DUS51-P1
age: 65424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-server-side-encryption: AES256
last-modified: Mon, 09 Oct 2023 13:15:07 GMT
server: AmazonS3
etag: W/"9a7b6e17ecf30547a4d68a78f7a6979b-1"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-amz-meta-version-id: cl93EheGFicG2RapUqqnYcdDaDXT0YiS
x-amz-cf-id: 9H6XolO0u09qRTTabVzUuJ9auM5WK6hU8GAczhPNEEBKkJq-2P4UvQ==

GET
H2 200 embed.min.js Show response
media.elfontheshelf.com/libraries/location/ 6 KB
3 KB 42ms
42ms Script
application/javascript 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.elfontheshelf.com/libraries/location/embed.min.js?1
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9949b2cd1bc22fd9240fe1be55a0dde17fbfdd8e7750752f1f13a865f942e1a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Pp_NeC.XR_3jIFoXnMUkovrJApb27dTP
content-encoding: gzip
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 17:22:01 GMT
x-amz-cf-pop: DUS51-P1
age: 73632
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-server-side-encryption: AES256
last-modified: Thu, 09 Nov 2023 14:11:24 GMT
server: AmazonS3
etag: W/"1a8d82a302044f27df1183b19284c605"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-amz-meta-version-id: vqnpVG1Od9rZ6hccDdTUCyA6afO_tL8x
x-amz-cf-id: YkaCkTzyDcSkXSZBDtHfgwXFciB7hChpoi1kUt0m9q8tFm-1ia2oxA==

GET
H2 200 EOTS-Extraordinary-Noorah-2023-banner-hero.jpg
media.elfontheshelf.com/wp-content/uploads/2023/11/ 186 KB
186 KB 99ms
35ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2023/11/EOTS-Extraordinary-Noorah-2023-banner-hero.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88514f3efdbd87c6fc46c218ec2062f43f399b38d30585129962b2ed3e9a786c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: vRn6f3939vINcCXWnKRBQ6G09D0p5J2v
date: Tue, 05 Dec 2023 13:42:40 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 14:57:00 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 26314
x-amz-server-side-encryption: AES256
etag: "44a7c65f0001401e992d3e1d0478d125"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 190033
x-amz-cf-id: j6Zbl8Pyd1AhPdqMaL1giSzK1tWAUH7eV4WgTICdS4F46O7bUauVdA==

GET
H2 200 hp2020-scoutelf.jpg
media.elfontheshelf.com/wp-content/uploads/2020/11/ 72 KB
73 KB 75ms
11ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2020/11/hp2020-scoutelf.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 980b978ab28ba2a148b55d135fc49f6325dedd8860bef7d11457ba2ce260c89a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 04 Dec 2023 17:57:13 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 21:44:01 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71520
etag: "233f5f45eb0745ff35958645ba2b080e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 74034
x-amz-cf-id: mFk44fAbONkiFe4qX_8PYKLNRNHp4udnAaOywTw3fcS1W8ltj3mguA==

GET
H2 200 hp2020-elfpets.jpg
media.elfontheshelf.com/wp-content/uploads/2020/11/ 72 KB
73 KB 92ms
31ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2020/11/hp2020-elfpets.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e050a02c31911037b7ce8b51e5b600ecb7dd6af3fe658cbd1996a7e27ea3f285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 04 Dec 2023 17:57:13 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 21:43:52 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71520
etag: "1e425fb5c525c26645826712a531aa93"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 73977
x-amz-cf-id: PY3IH8KeR37RvHLjIDQ2Zhy5LeeWKzAawHgS0cXyu7ECc9qBQVSh3g==

GET
H2 200 hp2021-ideas.jpg
media.elfontheshelf.com/wp-content/uploads/2021/10/ 60 KB
61 KB 85ms
23ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2021/10/hp2021-ideas.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb9412cef2960dc12aa4583b102b5c0e7336960da6bae18def25db7d390fd442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Hq6bP809qf_tsC.ODaX9c3S6aivHrsZn
date: Mon, 04 Dec 2023 17:57:13 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Tue, 12 Oct 2021 00:57:32 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71520
etag: "56d66c3a7d7fc3ec5822a41e25b10912"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 61925
x-amz-cf-id: _Qt1R-kIRtYUYQj4VFS3n2eF8eBcyD21RevX5wYJ3xi0cQ8rH9MPBw==

GET
H2 200 hp2020-elfmates.jpg
media.elfontheshelf.com/wp-content/uploads/2021/10/ 55 KB
55 KB 104ms
43ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2021/10/hp2020-elfmates.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59f0d1c993843748433342ea6bb968008cc5166a10b257e00c7b55e3cf7a91e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: VLtPAf30CN6YWcUXy_OSSACWfloSHlDZ
date: Mon, 04 Dec 2023 17:57:13 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 21:14:24 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71520
etag: "38a0bd25f981123aa9fdf085ef4fec7f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56121
x-amz-cf-id: xCVI_q17wxXB7xSo0FGEjwZ0Mf_GwqmDa1r5UYr4F3tamSuHhg-X0Q==

GET
H2 200 hp2023-teachers-hp-block-us.jpg
media.elfontheshelf.com/wp-content/uploads/2023/09/ 73 KB
74 KB 43ms
43ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2023/09/hp2023-teachers-hp-block-us.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd39ae62a749e117366fb041529da42b23cc1c58b8c06c91ce9a26bfc572325a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: b2E_JX5rwxUpRoWTv.lRUZG9bUddHzNs
date: Mon, 04 Dec 2023 17:57:13 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Mon, 18 Sep 2023 12:03:26 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71520
x-amz-server-side-encryption: AES256
etag: "d843e89bb5afa61ac715265b8c16be5e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 74772
x-amz-cf-id: ClJDziInQFbmgkWrvpXfBshFNY1QhOjM8nc76O-9GmZjTo7WuHxTKw==

GET
H2 200 hp2020-kids.jpg
media.elfontheshelf.com/wp-content/uploads/2020/11/ 86 KB
87 KB 53ms
52ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2020/11/hp2020-kids.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b1117d3eed41a8e0347484cd6e2a010f603b72227a78c93f57555a8340b1275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 04 Dec 2023 17:57:13 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 21:43:59 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71519
etag: "17169830f833b54fe2df363ee1be4c3d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 88221
x-amz-cf-id: LzjoUrqWO3MEmR85MDzk25Sh0jRAs8MQKH41ZMT22Wx_aXLHtzhLHQ==

GET
H2 200 hp2022-kids-roblox-yeti2.jpg
media.elfontheshelf.com/wp-content/uploads/2022/11/ 72 KB
72 KB 45ms
44ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2022/11/hp2022-kids-roblox-yeti2.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7374d5e8f9927860da7024563e45de3c188154392a6a8949ea7c006bd37de7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:27 GMT
x-amz-version-id: StupHgf.IWfe5uTrh0pj3NTFShQ4CJlT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 20:07:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 17686
etag: "4a08a75d0116f5da257cc806615efab4"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 73602
x-amz-cf-id: FhpkJr4jDZTCFjHn8hIhkwcRMX5ucX3n7VH2otD_DE-XKqbd-IHxgw==

GET
H2 200 hp2023-entertainment-hp-block-us.jpg
media.elfontheshelf.com/wp-content/uploads/2023/09/ 104 KB
105 KB 50ms
49ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2023/09/hp2023-entertainment-hp-block-us.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b4a7ed79b9130174ed607c6f24f1c096539f1a7ccb2e11ededfa1512bda1326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: tMwnWnr6ImRhny_AN5mCBAfpQrcxou50
date: Mon, 04 Dec 2023 17:57:14 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Mon, 18 Sep 2023 12:03:31 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71519
x-amz-server-side-encryption: AES256
etag: "fb7e5e4bb83bdb4e0e955b2d555f8b61"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 106573
x-amz-cf-id: E3_3gwUKNcFx6XlPIHdVWUFBWKy6yF91mHpHvq22zH8m0xX-fJH5Kw==

GET
H2 200 hp2020-shop.jpg
media.elfontheshelf.com/wp-content/uploads/2020/11/ 60 KB
60 KB 46ms
45ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2020/11/hp2020-shop.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 437125c3d1b56a2e5d7d81bd9689b6809f7057a8e2e05a8441c9ae7bed5a5863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:27 GMT
x-amz-version-id: null
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 21:44:02 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 17686
etag: "cd1755a05ec7b6db7466b5bb6bb6897c"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 61166
x-amz-cf-id: lhUKqXuXkmApMvLjoUQBy9exzMf4WBXj0eCsq9gpLjrBWutkrDDguA==

GET
H2 200 hp2020-temp-email-text.png
media.elfontheshelf.com/wp-content/uploads/2020/11/ 9 KB
10 KB 47ms
47ms Image
image/png 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/wp-content/uploads/2020/11/hp2020-temp-email-text.png
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acfdbe034720fb2d012f6367ca8ea307e299501a5de5647230a0b4f187c776bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 04 Dec 2023 17:57:14 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 21:44:03 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 71519
etag: "4351e96ae99aa9c3c7dece3f3cf4ad7b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9601
x-amz-cf-id: MlstIEoKne6-GW1aTY2D3XZ6lnaFOyapYnnvQWepkovb6Q7p9MebrA==

GET
H2 200 lumistella-horizontal-logo1.svg
media.elfontheshelf.com/files/managed/ 16 KB
7 KB 48ms
48ms Image
image/svg+xml 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/files/managed/lumistella-horizontal-logo1.svg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e141629260bb0f61d9229c1cbc7d959ef907bce9bac0ad35b9eff67665d53d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:38:59 GMT
x-amz-version-id: h67pWKoWV.QZV.6G7xsUhai_zAu9oFX1
content-encoding: br
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 29414
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-file-mtime: 1596462271162000000ns
x-amz-meta-file-atime: 1596462271162000000ns
x-amz-meta-file-group: 65534
last-modified: Mon, 25 Sep 2023 15:40:16 GMT
server: AmazonS3
x-amz-meta-file-permissions: 100755
etag: W/"04ed140914e6737bd3fe4466117b5a00"
x-amz-meta-user-agent: aws-datasync
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-amz-meta-version-id: null
x-amz-meta-file-owner: 65534
x-amz-cf-id: cT9qx4tRooBaf7bS5MhIDzn4PHD6BuNXnWNJg0KgRLXMU7D51eTIZA==

GET
H2 200 COPPA.png
privohub.privo.com/files/images/certSeal2018/ 76 KB
66 KB 332ms
108ms Image
image/png 52.0.200.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privohub.privo.com/files/images/certSeal2018/COPPA.png

Requested by

Host: elfontheshelf.com
URL: https://elfontheshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.200.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

privo.com

Software

istio-envoy /

Resource Hash

e8eceb3e463eeaf072df2a69d72167c5f07d91f660ee67de307c8cffbf527d8d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';default-src 'none';object-src 'none';media-src 'self' data: https://idn.intellicheck.com https://js.hs-scripts.com https://.privo.com https://.s3.amazonaws.com;worker-src 'self' blob: data:;img-src 'self' blob: data: https://.intellicheck.com https://js.hs-scripts.com https://.privo.com https://.s3.amazonaws.com https://.paypalobjects.com https://.google-analytics.com;style-src 'unsafe-inline' 'self' https://.privo.com https://.s3.amazonaws.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;style-src-elem 'unsafe-inline' 'self' https://js.hs-scripts.com https://.privo.com https://.s3.amazonaws.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;font-src https://js.hs-scripts.com https://.privo.com https://.s3.amazonaws.com https://fonts.googleapis.com https://fonts.gstatic.com;script-src 'unsafe-inline' 'unsafe-eval' https://.privo.com https://www.googletagmanager.com https://www.google-analytics.com https://cdnjs.cloudflare.com https://.s3.amazonaws.com;connect-src 'self' blob: data: https://.privo.com https://.s3.amazonaws.com https://www.google-analytics.com;child-src https: ;frame-ancestors https: ;form-action 'self' https: https://.privo.com http://kawatest.madisonpg.com https://app.buildfire.com http://app.buildfire.com https://app.buildfire.com http://auth.buildfire.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Mon, 10 Dec 2018 17:05:49 GMT
server: istio-envoy
content-security-policy: base-uri 'self';default-src 'none';object-src 'none';media-src 'self' data: https://idn.intellicheck.com https://js.hs-scripts.com https://*.privo.com https://*.s3.amazonaws.com;worker-src 'self' blob: data:;img-src 'self' blob: data: https://*.intellicheck.com https://js.hs-scripts.com https://*.privo.com https://*.s3.amazonaws.com https://*.paypalobjects.com https://*.google-analytics.com;style-src 'unsafe-inline' 'self' https://*.privo.com https://*.s3.amazonaws.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;style-src-elem 'unsafe-inline' 'self' https://js.hs-scripts.com https://*.privo.com https://*.s3.amazonaws.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;font-src https://js.hs-scripts.com https://*.privo.com https://*.s3.amazonaws.com https://fonts.googleapis.com https://fonts.gstatic.com;script-src 'unsafe-inline' 'unsafe-eval' https://*.privo.com https://www.googletagmanager.com https://www.google-analytics.com https://cdnjs.cloudflare.com https://*.s3.amazonaws.com;connect-src 'self' blob: data: https://*.privo.com https://*.s3.amazonaws.com https://www.google-analytics.com;child-src https: ;frame-ancestors https: ;form-action 'self' https: https://*.privo.com http://kawatest.madisonpg.com https://app.buildfire.com http://app.buildfire.com https://app.buildfire.com http://auth.buildfire.com;
referrer-policy: strict-origin
content-type: image/png
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block

GET
H2 200 OtAutoBlock.js Show response
cookie-cdn.cookiepro.com/consent/1790f3be-f100-492b-beaa-1cbb4c97041b/ 8 KB
2 KB 62ms
28ms Script
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/1790f3be-f100-492b-beaa-1cbb4c97041b/OtAutoBlock.js

Requested by

Host: elfontheshelf.com
URL: https://elfontheshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c04f6ce0c495daf09539f5759e0f9775cecaf68380043ad96a12da0cd21d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 13:49:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: JSWTPPlYE/1Fy8ZQKAFWIQ==
age: 57831
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 17:14:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a9348f29-201e-0077-0356-0dedd9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 830cc04bf8364d8d-FRA

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 55ms
20ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: elfontheshelf.com
URL: https://elfontheshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 13:49:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: /EzX6ku1+i8ak28m1WuIrw==
age: 23717
x-ms-lease-status: unlocked
last-modified: Fri, 01 Dec 2023 17:43:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 70530043-401e-002c-1fdb-24d4e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 830cc04bf8384d8d-FRA
expires: Wed, 06 Dec 2023 13:49:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 188ms
71ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-50M00WY8PQ

Requested by

Host: elfontheshelf.com
URL: https://elfontheshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd3b9bee484ed358640aebfaef11f87225e733af867abc843c42729630ad6747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:49:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 13:49:13 GMT

GET
H2 200 global.min.js Show response
elfontheshelf.com/wp-content/themes/eots2020/js/ 24 KB
8 KB 22ms
22ms Script
application/x-javascript 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elfontheshelf.com/wp-content/themes/eots2020/js/global.min.js?ver=1.2.22
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4c302984a2e44175f0d2ec3964bd3181e2bd4c80ad9e2efc830612f9449178d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:32:37 GMT
content-encoding: gzip
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 20:31:52 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 62196
etag: W/"053edd857a0a46dc6276f93b8a5d5243"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-id: gV-zpRn-xD8AGbmOtrETV-z0gTlL6ZWewzrBlNj6PpsDl26lc-PPPw==

GET
H2 200 role-gate-kids-desktop.jpg
media.elfontheshelf.com/files/role-gate/2020/ 147 KB
148 KB 11ms
11ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/files/role-gate/2020/role-gate-kids-desktop.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b16c505ef90fac85c3029ce9f367e4d8ab5b43034a5b811d5b81ce881d94f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 04 Dec 2023 18:26:39 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Fri, 13 Nov 2020 14:39:05 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 69755
etag: "237d7df33f51cfe39099e6cfaa50ce6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 150654
x-amz-cf-id: XIiKzMScDWfzdwKrOqMs1zNcL9S-3ARdqlcE68cEyttYPFdsZvTGxQ==

GET
H2 200 role-gate-parent-desktop.jpg
media.elfontheshelf.com/files/role-gate/2020/ 165 KB
166 KB 11ms
11ms Image
image/jpeg 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.elfontheshelf.com/files/role-gate/2020/role-gate-parent-desktop.jpg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5c188d35ec26f148daa80f64ed58cef7e16f91e582ed315d0c902b393a523c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 04 Dec 2023 18:26:39 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
last-modified: Fri, 13 Nov 2020 14:39:06 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 69755
etag: "693cb0a017d1ae6252f5d7deb2815267"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 169330
x-amz-cf-id: EAPlLHte08Tcgn8EEADAP-wpl01UrZ_L5sE82Yo3fnANefXTOok6Vg==

GET
H2 200 background.jpg
elfontheshelf.com/wp-content/themes/eots2020/assets/images/ 136 KB
137 KB 23ms
23ms Image
image/jpeg 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfontheshelf.com/wp-content/themes/eots2020/assets/images/background.jpg?1
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3f208e04eb49645849186a820ba19473fe624c7c03b429338e8b682f45985b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:32:10 GMT
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 20:31:52 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 62224
etag: "70edc2a5d06d2aa1a26df1b966570c5e"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 139499
x-amz-cf-id: 94xy6bIxNAxpoq4kMSFNvIp3rq1PQz-sIESWSsoPo-XSdd6yZgov-A==

GET
DATA 200
OK truncated
/ 43 B
43 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1790f3be-f100-492b-beaa-1cbb4c97041b.json Show response
cookie-cdn.cookiepro.com/consent/1790f3be-f100-492b-beaa-1cbb4c97041b/ 3 KB
2 KB 60ms
43ms XHR
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/1790f3be-f100-492b-beaa-1cbb4c97041b/1790f3be-f100-492b-beaa-1cbb4c97041b.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a094075570325dd15a9a26c3f7bb05620e90f8636005c90561892a5df49f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 13:49:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: li+nAln45WRgGatDdenRAQ==
age: 82349
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 17:14:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 45fa14a5-701e-0055-09da-1228c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 830cc04d0f8165c4-FRA

GET
H2 200 country Show response
uyc31i9b5j.execute-api.us-east-1.amazonaws.com/dev/ 17 B
457 B 346ms
306ms XHR
application/json 108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uyc31i9b5j.execute-api.us-east-1.amazonaws.com/dev/country
Requested by: Host: media.elfontheshelf.com
URL: https://media.elfontheshelf.com/libraries/location/embed.min.js?1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.80 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: /
Resource Hash: 55b8be2fbbb112e5af2264819ddcb9fd9b48a656ec228164514a7d1226d29913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:49:13 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
origin: *
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 887980a3-a89f-49f8-8f4e-ddec1917de06
x-amzn-trace-id: Root=1-656f2a59-6606e3120f11622f3a39ce7a;Sampled=0;lineage=c5ac62bc:0
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-apigw-id: PeOOAGQhoAMEuIg=
content-length: 17
x-amz-cf-id: rgdnb5IRhYGV2MuiIsM72QkCTsWZYDGrOiUJVVVajsg_DkQ5a6FeQg==
access-control-allow-headers: *

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 163ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Barlow+Condensed:ital,wght@0,500;1,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfontheshelf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:50:21 GMT
x-content-type-options: nosniff
age: 17932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:50:21 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v36/ 49 KB
49 KB 246ms
136ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Barlow+Condensed:ital,wght@0,500;1,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfontheshelf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:12:48 GMT
x-content-type-options: nosniff
age: 2185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50368
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 13:12:48 GMT

GET
H2 200 HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrK3Lmu4kG.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 22 KB
23 KB 222ms
112ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrK3Lmu4kG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Barlow+Condensed:ital,wght@0,500;1,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3086a32053f79b6871eec001790b9bf29ef8440a87e339cc33dbd71409ea5cc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfontheshelf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:34 GMT
x-content-type-options: nosniff
age: 17679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23020
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:54:34 GMT

GET
H2 200 logo.svg Show response
elfontheshelf.com/wp-content/themes/eots2020/assets/images/ Frame 9D5E 69 KB
18 KB 22ms
22ms Document
image/svg+xml 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elfontheshelf.com/wp-content/themes/eots2020/assets/images/logo.svg
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b649791837946101a7f6fd166dd5454de95d6a7c8c15e217d89f74b9119cd0e

Request headers

Referer: https://elfontheshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62224
content-encoding: gzip
content-type: image/svg+xml
date: Mon, 04 Dec 2023 20:32:10 GMT
etag: W/"e76ccf1df3277b21c87bcc2ae47834fd"
last-modified: Mon, 04 Dec 2023 20:31:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-amz-cf-id: AW3LDmxwCpoE0JstrvKR4bWkV7BfcySMv7bGukIU9tcHCojmPe80RQ==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 40ms
24ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://elfontheshelf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:49:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 830cc04d8edf0414-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.8.0/ 332 KB
66 KB 28ms
28ms Script
application/javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.8.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 13:49:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: ZxViCiQmz7HefYYdJwAS4g==
age: 33462
x-ms-lease-status: unlocked
last-modified: Mon, 19 Oct 2020 01:51:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e646c953-b01e-0017-3a9f-219146000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 830cc04daae14d8d-FRA
expires: Wed, 06 Dec 2023 13:49:13 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 103ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-50M00WY8PQ&gtm=45je3bt0v9101405558&_p=1701784153243&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=100313783.1701784153&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1701784153&sct=1&seg=0&dl=https%3A%2F%2Felfontheshelf.com%2F&dt=The%20Elf%20on%20the%20Shelf%20%7C%20A%20Christmas%20Tradition&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=423
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50M00WY8PQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:49:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elfontheshelf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
79 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57T4BK7

Requested by

Host: elfontheshelf.com
URL: https://elfontheshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be4de13068f30d183c11b2062073e0eca82d3e83634396b65c3e228ff48a0ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:49:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81244
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 13:49:13 GMT

GET
H2 200 particle.min.js Show response
elfontheshelf.com/wp-content/themes/eots2020/assets/js/ 23 KB
6 KB 26ms
26ms Script
application/x-javascript 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elfontheshelf.com/wp-content/themes/eots2020/assets/js/particle.min.js
Requested by: Host: elfontheshelf.com
URL: https://elfontheshelf.com/wp-content/themes/eots2020/js/global.min.js?ver=1.2.22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:33:02 GMT
content-encoding: gzip
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 20:31:52 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 62172
etag: W/"00debcf6cf0789a19cee2278011afcd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-id: plWZgTQRuj2mHWagpPVog4lUWHZf0DG2hh8EaTXLUH00iqaQNNk34A==

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/1790f3be-f100-492b-beaa-1cbb4c97041b/9aba73a7-b6cf-405e-aa26-2f7b6df6c123/ 41 KB
10 KB 26ms
26ms Fetch
application/x-javascript 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/1790f3be-f100-492b-beaa-1cbb4c97041b/9aba73a7-b6cf-405e-aa26-2f7b6df6c123/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bac0b9c92e0fce27565e0177c4789f13a4014b88a2cc86010d3f50acb0a78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 13:49:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: /i20UEB2Ebdm6ix+Aa6ieQ==
age: 21661
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 17:14:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 107ba584-b01e-00ae-730d-15955c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 830cc04df8a165c4-FRA

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.8.0/assets/ 12 KB
4 KB 22ms
22ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.8.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 13:49:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: MC/cbbO9nlbWDh1quobBbA==
age: 22493
x-ms-lease-status: unlocked
last-modified: Mon, 19 Oct 2020 01:50:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 16a4f207-101e-0088-3548-0ddd44000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 830cc04e28f965c4-FRA
expires: Wed, 06 Dec 2023 13:49:13 GMT

GET
H2 200 otPcPanel.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.8.0/assets/v2/ 45 KB
12 KB 25ms
25ms Fetch
application/json 2606:4700:4400::ac40:936c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.8.0/assets/v2/otPcPanel.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848ce673f6793eefa540c9e395187180b0687bf60bebdb2cedcc5cd0f535f05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 13:49:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: iIpQY2ynHNbBkKC/eAKnew==
age: 82348
x-ms-lease-status: unlocked
last-modified: Mon, 19 Oct 2020 01:51:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6cffd6dd-501e-00a6-4641-0d8f53000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 830cc04e28fa65c4-FRA
expires: Wed, 06 Dec 2023 13:49:13 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0MRQCC9LNF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57T4BK7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6087f07f735e602115982274128367288d237a90b00ac1096b692c4ec6b263a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:49:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91509
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 13:49:13 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 36ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0MRQCC9LNF&gtm=45je3bt0v9101851923z877497800&_p=1701784153243&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=100313783.1701784153&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701784153&sct=1&seg=0&dl=https%3A%2F%2Felfontheshelf.com%2F&dt=The%20Elf%20on%20the%20Shelf%20%7C%20A%20Christmas%20Tradition&en=page_view&_fv=1&_ss=1&tfd=735
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0MRQCC9LNF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elfontheshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 13:49:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elfontheshelf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elfontheshelf.com/	1970-01-21 02:19:04	Name: _ga_50M00WY8PQ Value: GS1.1.1701784153.1.0.1701784153.0.0.0
.elfontheshelf.com/	1970-01-21 02:19:04	Name: _ga Value: GA1.1.100313783.1701784153
.elfontheshelf.com/	1970-01-21 01:28:40	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Dec+05+2023+14%3A49%3A13+GMT%2B0100+(Central+European+Standard+Time)&version=6.8.0&hosts=&landingPath=https%3A%2F%2Felfontheshelf.com%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0%2CC0005%3A0
.elfontheshelf.com/	1970-01-20 18:52:40	Name: _gcl_au Value: 1.1.362657628.1701784153
elfontheshelf.com/	1970-01-20 18:09:28	Name: intl_verification Value: 1
.elfontheshelf.com/	1970-01-21 02:19:04	Name: _ga_0MRQCC9LNF Value: GS1.1.1701784153.1.0.1701784153.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cookie-cdn.cookiepro.com
elfontheshelf.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
media.elfontheshelf.com
privohub.privo.com
region1.google-analytics.com
uyc31i9b5j.execute-api.us-east-1.amazonaws.com
www.googletagmanager.com
108.157.4.80
18.66.248.14
18.66.248.4
18.66.248.90
2001:4860:4802:34::36
2606:4700:4400::ac40:936c
2606:4700:4400::ac40:9b77
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
52.0.200.16
05bac0b9c92e0fce27565e0177c4789f13a4014b88a2cc86010d3f50acb0a78c
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
1b1117d3eed41a8e0347484cd6e2a010f603b72227a78c93f57555a8340b1275
2b649791837946101a7f6fd166dd5454de95d6a7c8c15e217d89f74b9119cd0e
3086a32053f79b6871eec001790b9bf29ef8440a87e339cc33dbd71409ea5cc5
437125c3d1b56a2e5d7d81bd9689b6809f7057a8e2e05a8441c9ae7bed5a5863
4e141629260bb0f61d9229c1cbc7d959ef907bce9bac0ad35b9eff67665d53d9
55b8be2fbbb112e5af2264819ddcb9fd9b48a656ec228164514a7d1226d29913
59f0d1c993843748433342ea6bb968008cc5166a10b257e00c7b55e3cf7a91e0
72fa3ec86fc738e363503042c90732e387b2673372332d67eb09fa7331cb9367
7b16c505ef90fac85c3029ce9f367e4d8ab5b43034a5b811d5b81ce881d94f48
7b4a7ed79b9130174ed607c6f24f1c096539f1a7ccb2e11ededfa1512bda1326
7f2753c195c17ccf4e1b5fab13061b747e027e1e339c9da5fe5b56b57af5edac
80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb
848ce673f6793eefa540c9e395187180b0687bf60bebdb2cedcc5cd0f535f05e
88514f3efdbd87c6fc46c218ec2062f43f399b38d30585129962b2ed3e9a786c
980b978ab28ba2a148b55d135fc49f6325dedd8860bef7d11457ba2ce260c89a
9949b2cd1bc22fd9240fe1be55a0dde17fbfdd8e7750752f1f13a865f942e1a4
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c931f61f57e7ec99601012169c72b99c3ea9176b5addc5618adca7464379bcb
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
acfdbe034720fb2d012f6367ca8ea307e299501a5de5647230a0b4f187c776bc
b3f208e04eb49645849186a820ba19473fe624c7c03b429338e8b682f45985b5
bb9412cef2960dc12aa4583b102b5c0e7336960da6bae18def25db7d390fd442
bd3b9bee484ed358640aebfaef11f87225e733af867abc843c42729630ad6747
be4de13068f30d183c11b2062073e0eca82d3e83634396b65c3e228ff48a0ee7
c5c188d35ec26f148daa80f64ed58cef7e16f91e582ed315d0c902b393a523c4
d4a094075570325dd15a9a26c3f7bb05620e90f8636005c90561892a5df49f9b
d4c302984a2e44175f0d2ec3964bd3181e2bd4c80ad9e2efc830612f9449178d
d5a8aaba299d2e0e40b26e42402b78c4685d46efe17adc99da130be5eee056f2
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd39ae62a749e117366fb041529da42b23cc1c58b8c06c91ce9a26bfc572325a
e050a02c31911037b7ce8b51e5b600ecb7dd6af3fe658cbd1996a7e27ea3f285
e0c04f6ce0c495daf09539f5759e0f9775cecaf68380043ad96a12da0cd21d71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7374d5e8f9927860da7024563e45de3c188154392a6a8949ea7c006bd37de7d
e8eceb3e463eeaf072df2a69d72167c5f07d91f660ee67de307c8cffbf527d8d
f6087f07f735e602115982274128367288d237a90b00ac1096b692c4ec6b263a
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
fba29e92ba6f6b66a503d528cfbaf21c842c5e6f39b21c8d130e46689b409280

elfontheshelf.com Open in urlscan Pro 18.66.248.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

55 %IPv6

9 Domains

10 Subdomains

11 IPs

2 Countries

1943 kBTransfer

3126 kBSize

6 Cookies

12 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

elfontheshelf.com Open in urlscan Pro
18.66.248.90 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

1943 kB
Transfer

3126 kB
Size

6
Cookies

42 HTTP transactions
2 data transactions