login.shelfpentest.com Open in urlscan Pro
52.222.236.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://apollo.07694.shelfpentest.com/
Effective URL:
https://login.shelfpentest.com/?subdomain=apollo
Submission: On October 18 via manual (October 18th 2021, 2:07:57 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 10 domains to perform 47 HTTP transactions. The main IP is 52.222.236.31, located in United States and belongs to AMAZON-02, US. The main domain is login.shelfpentest.com.
TLS certificate: Issued by Amazon on June 6th 2021. Valid for: a year.

This is the only time login.shelfpentest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	13.32.99.114 13.32.99.114	16509 (AMAZON-02) (AMAZON-02)
7	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	104.26.3.186 104.26.3.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	13.32.99.47 13.32.99.47	16509 (AMAZON-02) (AMAZON-02)
3	18.66.139.109 18.66.139.109	16509 (AMAZON-02) (AMAZON-02)
1	3.233.145.238 3.233.145.238	14618 (AMAZON-AES) (AMAZON-AES)
4	52.222.236.31 52.222.236.31	16509 (AMAZON-02) (AMAZON-02)
1	3.233.144.219 3.233.144.219	14618 (AMAZON-AES) (AMAZON-AES)
7	54.173.11.185 54.173.11.185	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.1.26 151.101.1.26	54113 (FASTLY) (FASTLY)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	13.32.99.9 13.32.99.9	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.141 142.250.185.141	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
47	15

5 13.32.99.114 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-114.fra60.r.cloudfront.net

apollo.07694.shelfpentest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.186 (United States)

ASN13335 (CLOUDFLARENET, US)

app.getbeamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.47 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.109 (United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.145.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-238.compute-1.amazonaws.com

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-31.fra56.r.cloudfront.net

login.shelfpentest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.144.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-144-219.compute-1.amazonaws.com

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.173.11.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-11-185.compute-1.amazonaws.com

api.shelfpentest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.26 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-9.fra60.r.cloudfront.net

static.shelfpentest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.141 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	shelfpentest.com 1 redirects apollo.07694.shelfpentest.com static.shelfpentest.com Failed api.shelfpentest.com Failed login.shelfpentest.com Failed	3 MB
7	googleapis.com fonts.googleapis.com	5 KB
4	google.com apis.google.com accounts.google.com	41 KB
3	intercomcdn.com js.intercomcdn.com	118 KB
2	gstatic.com fonts.gstatic.com ssl.gstatic.com	84 KB
2	datadoghq.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com	188 B
1	polyfill.io cdn.polyfill.io	612 B
1	intercom.io 1 redirects widget.intercom.io	249 B
1	getbeamer.com app.getbeamer.com	19 KB
0	stripe.com Failed js.stripe.com Failed
47	10

	Domain	Requested by
7	api.shelfpentest.com	apollo.07694.shelfpentest.com login.shelfpentest.com
7	fonts.googleapis.com	apollo.07694.shelfpentest.com client login.shelfpentest.com
5	apollo.07694.shelfpentest.com	1 redirects apollo.07694.shelfpentest.com
4	login.shelfpentest.com	apollo.07694.shelfpentest.com login.shelfpentest.com
3	js.intercomcdn.com	widget.intercom.io
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	apis.google.com	login.shelfpentest.com apis.google.com
1	ssl.gstatic.com	accounts.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.polyfill.io	login.shelfpentest.com
1	browser-http-intake.logs.datadoghq.com	apollo.07694.shelfpentest.com
1	rum-http-intake.logs.datadoghq.com	apollo.07694.shelfpentest.com
1	static.shelfpentest.com	apollo.07694.shelfpentest.com login.shelfpentest.com
1	widget.intercom.io	1 redirects
1	app.getbeamer.com	apollo.07694.shelfpentest.com
0	js.stripe.com Failed	apollo.07694.shelfpentest.com
47	16

This site contains links to these domains. Also see Links.

Domain
go.shelf.io

Subject Issuer	Validity	Valid
shelfpentest.com Amazon	`2021-06-06` - `2022-07-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.intercomcdn.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://login.shelfpentest.com/?subdomain=apollo
Frame ID: 52EE305A9A89EBA2E7115D1B1D592DA6
Requests: 36 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.1e8fdc80.js
Frame ID: 0999B3E9E7843CD50274FF6EB9C81614
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: F6B6BC1A268E2C07F07A2A1A71809351
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

shelf.io

Page URL History Show full URLs

http://apollo.07694.shelfpentest.com/ HTTP 301
https://apollo.07694.shelfpentest.com/ Page URL
https://login.shelfpentest.com/?subdomain=apollo Page URL

Detected technologies

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

^https?://cdn\.polyfill\.io/
/polyfill\.min\.js

Page Statistics

47
Requests

68 %
HTTPS

0 %
IPv6

10
Domains

16
Subdomains

15
IPs

1
Countries

3779 kB
Transfer

14657 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://go.shelf.io/l/880622/2020-09-25/5mz8
Title: Request Demo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://apollo.07694.shelfpentest.com/ HTTP 301
https://apollo.07694.shelfpentest.com/ Page URL
https://login.shelfpentest.com/?subdomain=apollo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://apollo.07694.shelfpentest.com/ HTTP 301
https://apollo.07694.shelfpentest.com/

Request Chain 9

https://widget.intercom.io/widget/f3sn6rzl HTTP 302
https://js.intercomcdn.com/shim.latest.js

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
apollo.07694.shelfpentest.com/
Redirect Chain

http://apollo.07694.shelfpentest.com/
https://apollo.07694.shelfpentest.com/

5 KB
4 KB

433ms
409ms

Document
text/html

13.32.99.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apollo.07694.shelfpentest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-114.fra60.r.cloudfront.net

Software

Resource Hash

9ee297e435832f2d66c0e2eca7d02a18d4945eb3fe0a7c540e69e03d210ac6c1

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.amazonaws.com https://*.amazonaws.com http://*.google.com https://*.google.com http://*.googleapis.com https://*.googleapis.com http://*.gstatic.com https://*.gstatic.com http://*.intercom.io https://*.intercom.io http://*.intercomcdn.com https://*.intercomcdn.com http://*.stripe.com https://*.stripe.com http://*.pendo.io https://*.pendo.io http://*.getbeamer.com https://*.getbeamer.com http://*.shelf.io https://*.shelf.io http://*.shelfpentest.com https://*.shelfpentest.com http://*.s3.amazonaws.com https://*.s3.amazonaws.com; connect-src * 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com; img-src data: 'self' blob: http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; style-src 'self' 'unsafe-inline' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; object-src 'self' http://*.amazonaws.com https://*.amazonaws.com http://*.google.com https://*.google.com http://*.googleapis.com https://*.googleapis.com http://*.gstatic.com https://*.gstatic.com http://*.intercom.io https://*.intercom.io http://*.intercomcdn.com https://*.intercomcdn.com http://*.stripe.com https://*.stripe.com http://*.pendo.io https://*.pendo.io http://*.getbeamer.com https://*.getbeamer.com http://*.shelf.io https://*.shelf.io http://*.shelfpentest.com https://*.shelfpentest.com http://*.s3.amazonaws.com https://*.s3.amazonaws.com; media-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; font-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; frame-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*;

X-Content-Type-Options

nosniff

Request headers

:method: GET
:authority: apollo.07694.shelfpentest.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Mon, 18 Oct 2021 14:07:42 GMT
set-cookie: AWSALB=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT; Expires=Mon, 25 Oct 2021 14:07:42 GMT; Path=/ AWSALBCORS=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT; Expires=Mon, 25 Oct 2021 14:07:42 GMT; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
content-security-policy: default-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.amazonaws.com https://*.amazonaws.com http://*.google.com https://*.google.com http://*.googleapis.com https://*.googleapis.com http://*.gstatic.com https://*.gstatic.com http://*.intercom.io https://*.intercom.io http://*.intercomcdn.com https://*.intercomcdn.com http://*.stripe.com https://*.stripe.com http://*.pendo.io https://*.pendo.io http://*.getbeamer.com https://*.getbeamer.com http://*.shelf.io https://*.shelf.io http://*.shelfpentest.com https://*.shelfpentest.com http://*.s3.amazonaws.com https://*.s3.amazonaws.com; connect-src * 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com; img-src data: 'self' blob: http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; style-src 'self' 'unsafe-inline' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; object-src 'self' http://*.amazonaws.com https://*.amazonaws.com http://*.google.com https://*.google.com http://*.googleapis.com https://*.googleapis.com http://*.gstatic.com https://*.gstatic.com http://*.intercom.io https://*.intercom.io http://*.intercomcdn.com https://*.intercomcdn.com http://*.stripe.com https://*.stripe.com http://*.pendo.io https://*.pendo.io http://*.getbeamer.com https://*.getbeamer.com http://*.shelf.io https://*.shelf.io http://*.shelfpentest.com https://*.shelfpentest.com http://*.s3.amazonaws.com https://*.s3.amazonaws.com; media-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; font-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*; frame-src 'self' http://*.s3.amazonaws.com https://*.s3.amazonaws.com http://* https://*;
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 0NXAxzEfnyW64LU3_hfGoJWSTsMr8GON_loeqCUQKotdubIDTZTyig==

Redirect headers

Server: CloudFront
Date: Mon, 18 Oct 2021 14:07:42 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://apollo.07694.shelfpentest.com/
X-Cache: Redirect from cloudfront
Via: 1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: hoSueAMPhCs-TavH7LSXETWpzjOC2pJr1r3Zuw_QRgbVOYpvkfsYaA==

GET
H2 200 b89cce7554fcf52e63ebb9cb83c84f8baf4a8909.css
apollo.07694.shelfpentest.com/ 283 KB
43 KB 19ms
18ms Stylesheet
text/css 13.32.99.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apollo.07694.shelfpentest.com/b89cce7554fcf52e63ebb9cb83c84f8baf4a8909.css?meteor_css_resource=true

Requested by

Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-114.fra60.r.cloudfront.net

Software

Resource Hash

acaa1505aab20fe95c8805891e23fb5690d903a087e9a1d31d1255576a3114c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /b89cce7554fcf52e63ebb9cb83c84f8baf4a8909.css?meteor_css_resource=true
pragma: no-cache
cookie: AWSALB=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT; AWSALBCORS=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: apollo.07694.shelfpentest.com
referer: https://apollo.07694.shelfpentest.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1393879
etag: "b89cce7554fcf52e63ebb9cb83c84f8baf4a8909"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
x-amz-cf-id: dHX6rm7MZodbeElnWpMrLTSMfBkxw7LvgF7UCmib8ouv5r9EUVw3vQ==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 127ms
25ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 14:06:46 GMT
server: ESF
date: Mon, 18 Oct 2021 14:07:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 14:07:44 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
441 B 128ms
26ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 14:07:44 GMT
server: ESF
date: Mon, 18 Oct 2021 14:07:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 14:07:44 GMT

GET
H2 200 beamer-embed.js Show response
app.getbeamer.com/js/ 78 KB
19 KB 141ms
28ms Script
application/javascript 104.26.3.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.getbeamer.com/js/beamer-embed.js

Requested by

Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.186 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b566bba689dcc65fc4b6d15c53158ed4fd7670213f0f6657fc1fd78860081ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592
cf-polished: origSize=80412
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 18 Oct 2021 13:40:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4aIh3xInP2f35TdJXINL3TWJrtUdxGuedGantBN5qEfcvcMzCqVzRQu4s1OUhcksuzarh09RyoZy5845dCCGT6GrLvttWNtwmDnPdeg1A18xvdYhevp53LSWhUQlUgXFxld"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cf-ray: 6a0255ac99944108-PRG
cf-bgj: minify

GET
H2 200 76b3af26c6829e9a231208e50bec313b546a280b.js Show response
apollo.07694.shelfpentest.com/ 12 MB
3 MB 33ms
33ms Script
application/javascript 13.32.99.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apollo.07694.shelfpentest.com/76b3af26c6829e9a231208e50bec313b546a280b.js?meteor_js_resource=true

Requested by

Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-114.fra60.r.cloudfront.net

Software

Resource Hash

b2434c4a5b159400ab8f676ba033cb1ee3900be2df354705d38ba802955b1405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /76b3af26c6829e9a231208e50bec313b546a280b.js?meteor_js_resource=true
pragma: no-cache
cookie: AWSALB=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT; AWSALBCORS=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: apollo.07694.shelfpentest.com
referer: https://apollo.07694.shelfpentest.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1393879
etag: "76b3af26c6829e9a231208e50bec313b546a280b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
x-amz-cf-id: x8kJEB_hUFDfgdU271JzQ4QZkBtAx1WuqQgV6pYruLNjmhMOL4TiIA==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
801 B 22ms
22ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 13:20:30 GMT
server: ESF
date: Mon, 18 Oct 2021 14:07:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 14:07:48 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
661 B 24ms
24ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 12:14:03 GMT
server: ESF
date: Mon, 18 Oct 2021 14:07:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 14:07:48 GMT

GET
H3 200 css
fonts.googleapis.com/ 8 KB
705 B 18ms
17ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 12:42:43 GMT
server: ESF
date: Mon, 18 Oct 2021 14:07:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 14:07:48 GMT

GET
H2

200

shim.latest.js
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/f3sn6rzl
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

26ms
9ms

Script
application/javascript

18.66.139.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Oct 2021 14:06:03 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 12:40:59 GMT
server: AmazonS3
age: 109
etag: "10a173fb9b6f8aa110f3a836989abe3e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 6049
x-amz-cf-id: r8p9ynahoRHEcAzoeNxC2sDcCKZDgIYjFmA7vHTiVQadvJUotdRAmw==

Redirect headers

date: Sat, 02 Oct 2021 13:03:53 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ad.cloudfront.net (CloudFront)
server: AmazonS3
age: 1386239
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: snsj3pShcpcbnVIlmHOvsE-mLwKqWNHMlAx3IAyIpQk5n2oO2sZe1w==

GET styles.min.css
static.shelfpentest.com/icon-font/ 0
0

GET /
js.stripe.com/v3/ 0
0

GET
H2 200 info
apollo.07694.shelfpentest.com/sockjs/ 78 B
725 B 112ms
111ms XHR
application/json 13.32.99.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apollo.07694.shelfpentest.com/sockjs/info?cb=5zv1jjju2f
Requested by: Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/76b3af26c6829e9a231208e50bec313b546a280b.js?meteor_js_resource=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

:path: /sockjs/info?cb=5zv1jjju2f
pragma: no-cache
cookie: AWSALB=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT; AWSALBCORS=mrzB+hNEc9RLw+95OiER/QifwVVPSgzCHd6+1wQk4/untI+wPxpNLCV/WIu7SqHeBJcaqB2DB3t804+8VDYLW4NT1VuwlR9Op9FZFtHlRHMDLs6UqvAM08tg2QFT; dd_cookie_test_68abf737-7b31-4211-b59e-8a35ec96cc33=test; _dd_s=logs=1&id=26eb24ce-355c-4018-8248-d899f7a62989&created=1634566065201&expire=1634566970359&rum=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: apollo.07694.shelfpentest.com
referer: https://apollo.07694.shelfpentest.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:51 GMT
via: 1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, no-transform, must-revalidate, max-age=0
set-cookie: AWSALB=cshI+BaznXwVJoGyjdSMD2MRUG9Fj2T0RdUjm9q99GzvmfBQrKGrtvAQ5O1uIM7aCGt1+2HPyicK19jUenW2n56BY7LT8M11tkD7Cb/TpFy3Lg7cVxj8xSLdEUOS; Expires=Mon, 25 Oct 2021 14:07:51 GMT; Path=/ AWSALBCORS=cshI+BaznXwVJoGyjdSMD2MRUG9Fj2T0RdUjm9q99GzvmfBQrKGrtvAQ5O1uIM7aCGt1+2HPyicK19jUenW2n56BY7LT8M11tkD7Cb/TpFy3Lg7cVxj8xSLdEUOS; Expires=Mon, 25 Oct 2021 14:07:51 GMT; Path=/; SameSite=None; Secure
x-amz-cf-id: 36GVMfs9yz_s3xvZ8vu1iIB2AjxAIaJa6tmCN7BgeLTgY8nkqQ09JA==

GET /
api.shelfpentest.com/auth/v1/user/ 0
0

GET /
api.shelfpentest.com/accounts/v1/accounts/self/ 0
0

GET /
login.shelfpentest.com/ 0
0

POST
H2 200 pub872aee3e5ae537da8e8975bca928a8fc
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
94 B 387ms
145ms Ping
application/json 3.233.145.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub872aee3e5ae537da8e8975bca928a8fc?ddsource=browser&ddtags=sdk_version%3A2.17.0%2Cenv%3Aprod&batch_time=1634566070888
Requested by: Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/76b3af26c6829e9a231208e50bec313b546a280b.js?meteor_js_resource=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.145.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-145-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://apollo.07694.shelfpentest.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Oct 2021 14:07:51 GMT
content-length: 2
content-type: application/json

GET /
api.shelfpentest.com/auth/v1/user/ 0
0

GET /
api.shelfpentest.com/accounts/v1/accounts/self/ 0
0

GET
H2 200 Primary Request / Show response
login.shelfpentest.com/ 2 KB
1 KB 221ms
130ms Document
text/html 52.222.236.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.shelfpentest.com/?subdomain=apollo
Requested by: Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/76b3af26c6829e9a231208e50bec313b546a280b.js?meteor_js_resource=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 571ede154437c116ad0cc439861a325475922345742c8b26a10edacc69d89235

Request headers

:method: GET
:authority: login.shelfpentest.com
:scheme: https
:path: /?subdomain=apollo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://apollo.07694.shelfpentest.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://apollo.07694.shelfpentest.com/

Response headers

content-type: text/html
date: Mon, 18 Oct 2021 14:07:52 GMT
cache-control: no-cache
last-modified: Sun, 03 Oct 2021 12:48:19 GMT
etag: W/"c3338a1bde5a9125da42a5cc16114b0b"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a823be133adad65df6d3bf471a742793.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: wUykvk-R3HN0fobB1Oni8Heq0YFrL5H2PmTI1YilXxN1wx9RnlDVtw==

POST
H2 200 pubd5e1d5ae2d9865e9b521a8abe5232cda
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
94 B 385ms
154ms Ping
application/json 3.233.144.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pubd5e1d5ae2d9865e9b521a8abe5232cda?ddsource=browser&ddtags=sdk_version%3A2.17.0
Requested by: Host: apollo.07694.shelfpentest.com
URL: https://apollo.07694.shelfpentest.com/76b3af26c6829e9a231208e50bec313b546a280b.js?meteor_js_resource=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.144.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-144-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://apollo.07694.shelfpentest.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Oct 2021 14:07:51 GMT
content-length: 2
content-type: application/json

POST pub872aee3e5ae537da8e8975bca928a8fc
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0

GET /
api.shelfpentest.com/favorites/ 0
0

OPTIONS
H2 200 /
api.shelfpentest.com/auth/v1/user/ Frame 0
0 489ms
124ms Preflight
application/json 54.173.11.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shelfpentest.com/auth/v1/user/
Protocol: H2
Server: 54.173.11.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-11-185.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://apollo.07694.shelfpentest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 18 Oct 2021 14:07:51 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 864bf382-8dfc-4996-9cb2-a4c4ebde235c
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: HaDksFm6IAMF_eA=
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-616d7fb7-2bc8a7d04969632b4b9e3539

OPTIONS
H2 200 /
api.shelfpentest.com/accounts/v1/accounts/self/ Frame 0
0 475ms
110ms Preflight
application/json 54.173.11.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shelfpentest.com/accounts/v1/accounts/self/
Protocol: H2
Server: 54.173.11.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-11-185.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://apollo.07694.shelfpentest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 18 Oct 2021 14:07:51 GMT
content-type: application/json
content-length: 21
x-amzn-requestid: cc1e294e-21d5-4896-aeb3-ce44871f585c
access-control-allow-origin: https://apollo.07694.shelfpentest.com
content-encoding: gzip
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: HaDksF_5oAMF2Bg=
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-616d7fb7-40433bcb481483972273880f

OPTIONS
H2 200 /
api.shelfpentest.com/auth/v1/user/ Frame 0
0 453ms
108ms Preflight
application/json 54.173.11.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shelfpentest.com/auth/v1/user/
Protocol: H2
Server: 54.173.11.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-11-185.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://apollo.07694.shelfpentest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 18 Oct 2021 14:07:51 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 52611e82-33f8-4d28-8280-871ccec0ee16
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: HaDksGpYIAMFz-Q=
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-616d7fb7-1fa056453f1857e0035728c4

OPTIONS
H2 200 /
api.shelfpentest.com/accounts/v1/accounts/self/ Frame 0
0 606ms
262ms Preflight
application/json 54.173.11.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shelfpentest.com/accounts/v1/accounts/self/
Protocol: H2
Server: 54.173.11.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-11-185.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://apollo.07694.shelfpentest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 18 Oct 2021 14:07:51 GMT
content-type: application/json
content-length: 21
x-amzn-requestid: 71106be9-ac06-47cb-a410-9d2a22d2094a
access-control-allow-origin: https://apollo.07694.shelfpentest.com
content-encoding: gzip
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: HaDktEHToAMFgQA=
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-616d7fb7-29831eac5e835763702cb912

OPTIONS
H2 200 /
api.shelfpentest.com/favorites/ Frame 0
0 410ms
106ms Preflight
application/json 54.173.11.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shelfpentest.com/favorites/
Protocol: H2
Server: 54.173.11.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-11-185.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://apollo.07694.shelfpentest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 18 Oct 2021 14:07:51 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: b589c00b-7cab-4d14-90da-54f041bdf47a
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: HaDksFFDIAMFnSg=
access-control-allow-methods: OPTIONS,GET,POST
x-amzn-trace-id: Root=1-616d7fb7-5ab2ebb320171c91267792d4

GET
H2 200 frame-modern.1e8fdc80.js
js.intercomcdn.com/ Frame 0999 271 KB
73 KB 8ms
7ms Script
application/javascript 18.66.139.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.1e8fdc80.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/f3sn6rzl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Oct 2021 12:41:03 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 12:31:23 GMT
server: AmazonS3
age: 5209
etag: "442ae05dd3f8ff05f5b47b09ca94ed5e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 74252
x-amz-cf-id: CGZ5vNXQbaV2jSgaaYvi0M1RyT--97QcRKB9q_lMmaXeeB0mMoRI5Q==

GET
H2 200 vendor-modern.50181e45.js
js.intercomcdn.com/ Frame 0999 125 KB
38 KB 17ms
17ms Script
application/javascript 18.66.139.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.50181e45.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/f3sn6rzl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Oct 2021 12:41:03 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 12:31:23 GMT
server: AmazonS3
age: 5209
etag: "0bdeb284c23cf87d9546e78b8421ebc0"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 38683
x-amz-cf-id: FjPErl0BwxJM9bhBjeTXFcy13wDBuG7QGBQbal23lGQNlfUliyfubg==

POST pubd5e1d5ae2d9865e9b521a8abe5232cda
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0

POST pub872aee3e5ae537da8e8975bca928a8fc
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0

GET
H2 200 main.67a4a7f9.chunk.css
login.shelfpentest.com/static/css/ 10 KB
3 KB 139ms
138ms Stylesheet
text/css 52.222.236.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.shelfpentest.com/static/css/main.67a4a7f9.chunk.css
Requested by: Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/?subdomain=apollo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29affbbd5c303820ca22c68297922e8cf1c73d56047eca2a99c2c07065a977a2

Request headers

:path: /static/css/main.67a4a7f9.chunk.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.shelfpentest.com
referer: https://login.shelfpentest.com/?subdomain=apollo
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/?subdomain=apollo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:52 GMT
content-encoding: gzip
last-modified: Sun, 03 Oct 2021 12:48:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"0d83786c5c296b675797a63103dc6d37"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 a823be133adad65df6d3bf471a742793.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: MV2mxgrwS19V9BnlGNcCKxJ8Nnla5MeSB0pOB2kOzcuiLavhFAS4_g==

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
612 B 46ms
7ms Script
text/javascript 151.101.1.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=default

Requested by

Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/?subdomain=apollo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2943647
detected-user-agent: Chrome Mobile/93.0.4577
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 14 Sep 2021 11:57:10 GMT
date: Mon, 18 Oct 2021 14:07:51 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/93.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 2.b4ac83f9.chunk.js Show response
login.shelfpentest.com/static/js/ 2 MB
430 KB 140ms
139ms Script
application/javascript 52.222.236.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.shelfpentest.com/static/js/2.b4ac83f9.chunk.js
Requested by: Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/?subdomain=apollo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c20f98ab1f8941592fff2e88cc19d2c0f83a300584c80e45b690f9f4e5b2310d

Request headers

:path: /static/js/2.b4ac83f9.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.shelfpentest.com
referer: https://login.shelfpentest.com/?subdomain=apollo
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/?subdomain=apollo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:52 GMT
content-encoding: gzip
last-modified: Sun, 03 Oct 2021 12:48:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"74e3d4fb69528d2db208a41443c0a89b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a823be133adad65df6d3bf471a742793.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: 8u7C1JOu7RaOLv6Eyg8drcOcWzxJJz0-wgCDOnLcrjAR9N6L0As3Ug==

GET
H2 200 main.2980b63a.chunk.js Show response
login.shelfpentest.com/static/js/ 61 KB
15 KB 154ms
153ms Script
application/javascript 52.222.236.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.shelfpentest.com/static/js/main.2980b63a.chunk.js
Requested by: Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/?subdomain=apollo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb732d5158f07b77794c1f837cfef5f159bf7eba148e7e5dd49f583af26497b4

Request headers

:path: /static/js/main.2980b63a.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.shelfpentest.com
referer: https://login.shelfpentest.com/?subdomain=apollo
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/?subdomain=apollo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:52 GMT
content-encoding: gzip
last-modified: Sun, 03 Oct 2021 12:48:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: W/"9a7c788d66d89f92205a211a2ef4a59f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a823be133adad65df6d3bf471a742793.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: ChEyUrlZEshWyXQV4UwVAow4vzBRWNm_5QLMgaqiSHNoxjJSpSyJZw==

GET
H3 200 css
fonts.googleapis.com/ 8 KB
705 B 17ms
16ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext

Requested by

Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/static/css/main.67a4a7f9.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

57e18d40b40839e9a7a74d1fdcbe6983c5026354fb439b80d62a0c78aa7c8210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 13:35:53 GMT
server: ESF
date: Mon, 18 Oct 2021 14:07:51 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 14:07:51 GMT

OPTIONS
H2 200 /
api.shelfpentest.com/auth/login-options/ Frame 0
0 113ms
113ms Preflight
application/json 54.173.11.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shelfpentest.com/auth/login-options/?subdomain=apollo
Protocol: H2
Server: 54.173.11.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-11-185.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://login.shelfpentest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 18 Oct 2021 14:07:52 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 54a68616-7144-4f4d-b0d2-ecc3954eced9
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: HaDk4FgiIAMFrbQ=
access-control-allow-methods: OPTIONS,GET
x-amzn-trace-id: Root=1-616d7fb8-15a6149d0fe8312a7f14fcdd

GET
H3 200 css
fonts.googleapis.com/ 8 KB
705 B 18ms
18ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

57e18d40b40839e9a7a74d1fdcbe6983c5026354fb439b80d62a0c78aa7c8210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 13:35:21 GMT
server: ESF
date: Mon, 18 Oct 2021 14:07:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 14:07:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 32ms
8ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.shelfpentest.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 335001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Oct 2022 17:04:31 GMT

GET
H2 200 / Show response
api.shelfpentest.com/auth/login-options/ 56 B
287 B 149ms
149ms XHR
application/json 54.173.11.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shelfpentest.com/auth/login-options/?subdomain=apollo
Requested by: Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/static/js/2.b4ac83f9.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.11.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-11-185.compute-1.amazonaws.com
Software: /
Resource Hash: 41d0ef84101c1b80341960538abd56e3edeb5b9bd32b69be5858e7fcb658e45b

Request headers

accept: application/json
Referer: https://login.shelfpentest.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Mon, 18 Oct 2021 14:07:52 GMT
content-encoding: gzip
x-amzn-requestid: 6227073b-8759-4ce0-ab08-515d4e0ee647
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-616d7fb8-77a5697c6f0c923e2fcc727a
x-amz-apigw-id: HaDk5GSJoAMFlQg=
content-length: 67

GET
H2 200 api.js Show response
apis.google.com/js/ 12 KB
6 KB 131ms
43ms Script
application/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/static/js/2.b4ac83f9.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

cd6fc870cdb3257ef57d431bec0c36302f6ebf108508b90516aee9678f8be6be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MJmIeZq1JMBrDCwO2P6VlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "2166c10732b0739d47bb7146e4459365"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-MJmIeZq1JMBrDCwO2P6VlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Mon, 18 Oct 2021 14:07:52 GMT

GET
H2 200 google_logo.png
static.shelfpentest.com/images/integrations/ 12 KB
12 KB 426ms
426ms Image
image/png 13.32.99.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shelfpentest.com/images/integrations/google_logo.png
Requested by: Host: login.shelfpentest.com
URL: https://login.shelfpentest.com/?subdomain=apollo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-9.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c802411ed6f3566b297307b6e0935db8117a3010cd4ccc45c8b98cc21546671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:53 GMT
via: 1.1 3296b04068551f925d5fafd1b785ff31.cloudfront.net (CloudFront)
last-modified: Sat, 02 Oct 2021 14:04:44 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633183467/ctime:1633183467/gid:0/gname:root/md5:bb8703b3a389e0a98240a387a1f6a5b4/mode:33188/mtime:1633180712/uid:0/uname:root
x-amz-cf-pop: FRA60-P3
etag: "bb8703b3a389e0a98240a387a1f6a5b4"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 11987
x-amz-cf-id: 2zg18wl97r_EL1dwD4nOM8tRzolqYyPURE1FuC4DnVnl5H-WPBqopQ==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 103 KB
34 KB 48ms
15ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 22:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34990
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sun, 16 Oct 2022 22:42:09 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame F6B6 513 B
923 B 72ms
27ms Document
text/html 142.250.185.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.141 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f13.1e100.net

Software

ESF /

Resource Hash

6efc962e5461d7e62cc9d0632685d1f27e871bb05d75dbb84063f8e413653cc3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jOq6JTqJ/NC28EgOYdOj0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.shelfpentest.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=pzk6kiLBy3EqH3FYh0gTSY7Xe6rpkiBDzjswhKzo3QGHW4bJ4pP3QnfR_VX9AgU4Z_9qNFran1dZSCaqBNvWWYuXU0U3muAAVYanhia52GbrLFwFP7ZugqYm2-WhGXBM2v641KQrvAEHlkaHZfB4RAxTPcHUAvKWixkNSw3DA_4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://login.shelfpentest.com/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 18 Oct 2021 14:07:52 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-jOq6JTqJ/NC28EgOYdOj0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1524891944-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame F6B6 114 KB
40 KB 33ms
8ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1524891944-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

f68a7087c8e16af35d54d34e77a08c1b32bc1953336178cb015f2db3acf78de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 18:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40191
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 04:07:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Mon, 17 Oct 2022 18:11:57 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame F6B6 14 B
58 B 51ms
33ms XHR
application/json 142.250.185.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Flogin.shelfpentest.com&client_id=106777283700-qori8ssrq8ai04tjt34phvarh1gk7155.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1524891944-idpiframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.141 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f13.1e100.net

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 14:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 18 Oct 2021 15:07:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.shelfpentest.com
URL: https://static.shelfpentest.com/icon-font/styles.min.css

Domain: js.stripe.com
URL: https://js.stripe.com/v3/

Domain: api.shelfpentest.com
URL: https://api.shelfpentest.com/auth/v1/user/

Domain: api.shelfpentest.com
URL: https://api.shelfpentest.com/accounts/v1/accounts/self/

Domain: login.shelfpentest.com
URL: https://login.shelfpentest.com/?subdomain=apollo

Domain: api.shelfpentest.com
URL: https://api.shelfpentest.com/auth/v1/user/

Domain: api.shelfpentest.com
URL: https://api.shelfpentest.com/accounts/v1/accounts/self/

Domain: rum-http-intake.logs.datadoghq.com
URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub872aee3e5ae537da8e8975bca928a8fc?ddsource=browser&ddtags=sdk_version%3A2.17.0%2Cenv%3Aprod&batch_time=1634566070906

Domain: api.shelfpentest.com
URL: https://api.shelfpentest.com/favorites/

Domain: browser-http-intake.logs.datadoghq.com
URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pubd5e1d5ae2d9865e9b521a8abe5232cda?ddsource=browser&ddtags=sdk_version%3A2.17.0

Domain: rum-http-intake.logs.datadoghq.com
URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub872aee3e5ae537da8e8975bca928a8fc?ddsource=browser&ddtags=sdk_version%3A2.17.0%2Cenv%3Aprod&batch_time=1634566071323

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
apollo.07694.shelfpentest.com/	1970-01-19 22:02:46	Name: _dd_s Value: logs=1&id=26eb24ce-355c-4018-8248-d899f7a62989&created=1634566065201&expire=1634566970359&rum=1
apollo.07694.shelfpentest.com/	1970-01-19 22:12:50	Name: AWSALB Value: cshI+BaznXwVJoGyjdSMD2MRUG9Fj2T0RdUjm9q99GzvmfBQrKGrtvAQ5O1uIM7aCGt1+2HPyicK19jUenW2n56BY7LT8M11tkD7Cb/TpFy3Lg7cVxj8xSLdEUOS
apollo.07694.shelfpentest.com/	1970-01-19 22:12:50	Name: AWSALBCORS Value: cshI+BaznXwVJoGyjdSMD2MRUG9Fj2T0RdUjm9q99GzvmfBQrKGrtvAQ5O1uIM7aCGt1+2HPyicK19jUenW2n56BY7LT8M11tkD7Cb/TpFy3Lg7cVxj8xSLdEUOS
login.shelfpentest.com/	1970-01-19 22:02:46	Name: _dd_s Value: logs=1&id=2b45fa3e-01d5-4b9a-ba29-fc2b9a4af392&created=1634566072457&expire=1634566972464&rum=1
.google.com/	1970-01-20 02:26:17	Name: NID Value: 511=pzk6kiLBy3EqH3FYh0gTSY7Xe6rpkiBDzjswhKzo3QGHW4bJ4pP3QnfR_VX9AgU4Z_9qNFran1dZSCaqBNvWWYuXU0U3muAAVYanhia52GbrLFwFP7ZugqYm2-WhGXBM2v641KQrvAEHlkaHZfB4RAxTPcHUAvKWixkNSw3DA_4
.login.shelfpentest.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	warning	URL: https://apollo.07694.shelfpentest.com/76b3af26c6829e9a231208e50bec313b546a280b.js?meteor_js_resource=true(Line 751) Message: WebSocket connection to 'wss://apollo.07694.shelfpentest.com/sockjs/301/ixva0o0_/websocket' failed: WebSocket is closed before the connection is established.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' http://.s3.amazonaws.com https://.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://.amazonaws.com https://.amazonaws.com http://.google.com https://.google.com http://.googleapis.com https://.googleapis.com http://.gstatic.com https://.gstatic.com http://.intercom.io https://.intercom.io http://.intercomcdn.com https://.intercomcdn.com http://.stripe.com https://.stripe.com http://.pendo.io https://.pendo.io http://.getbeamer.com https://.getbeamer.com http://.shelf.io https://.shelf.io http://.shelfpentest.com https://.shelfpentest.com http://.s3.amazonaws.com https://.s3.amazonaws.com; connect-src * 'self' http://.s3.amazonaws.com https://.s3.amazonaws.com; img-src data: 'self' blob: http://.s3.amazonaws.com https://.s3.amazonaws.com http://* https://; style-src 'self' 'unsafe-inline' http://.s3.amazonaws.com https://.s3.amazonaws.com http:// https://; object-src 'self' http://.amazonaws.com https://.amazonaws.com http://.google.com https://.google.com http://.googleapis.com https://.googleapis.com http://.gstatic.com https://.gstatic.com http://.intercom.io https://.intercom.io http://.intercomcdn.com https://.intercomcdn.com http://.stripe.com https://.stripe.com http://.pendo.io https://.pendo.io http://.getbeamer.com https://.getbeamer.com http://.shelf.io https://.shelf.io http://.shelfpentest.com https://.shelfpentest.com http://.s3.amazonaws.com https://.s3.amazonaws.com; media-src 'self' http://.s3.amazonaws.com https://.s3.amazonaws.com http:// https://; font-src 'self' http://.s3.amazonaws.com https://.s3.amazonaws.com http:// https://; frame-src 'self' http://.s3.amazonaws.com https://.s3.amazonaws.com http:// https://*;
X-Content-Type-Options	nosniff

Header

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.shelfpentest.com
apis.google.com
apollo.07694.shelfpentest.com
app.getbeamer.com
browser-http-intake.logs.datadoghq.com
cdn.polyfill.io
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
js.stripe.com
login.shelfpentest.com
rum-http-intake.logs.datadoghq.com
ssl.gstatic.com
static.shelfpentest.com
widget.intercom.io
api.shelfpentest.com
browser-http-intake.logs.datadoghq.com
js.stripe.com
login.shelfpentest.com
rum-http-intake.logs.datadoghq.com
static.shelfpentest.com
104.26.3.186
13.32.99.114
13.32.99.47
13.32.99.9
142.250.185.141
142.250.185.227
142.250.185.234
142.250.186.110
142.250.186.163
151.101.1.26
18.66.139.109
3.233.144.219
3.233.145.238
52.222.236.31
54.173.11.185
1c802411ed6f3566b297307b6e0935db8117a3010cd4ccc45c8b98cc21546671
29affbbd5c303820ca22c68297922e8cf1c73d56047eca2a99c2c07065a977a2
41d0ef84101c1b80341960538abd56e3edeb5b9bd32b69be5858e7fcb658e45b
51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
571ede154437c116ad0cc439861a325475922345742c8b26a10edacc69d89235
57e18d40b40839e9a7a74d1fdcbe6983c5026354fb439b80d62a0c78aa7c8210
6efc962e5461d7e62cc9d0632685d1f27e871bb05d75dbb84063f8e413653cc3
8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9ee297e435832f2d66c0e2eca7d02a18d4945eb3fe0a7c540e69e03d210ac6c1
acaa1505aab20fe95c8805891e23fb5690d903a087e9a1d31d1255576a3114c5
b2434c4a5b159400ab8f676ba033cb1ee3900be2df354705d38ba802955b1405
b566bba689dcc65fc4b6d15c53158ed4fd7670213f0f6657fc1fd78860081ce8
c20f98ab1f8941592fff2e88cc19d2c0f83a300584c80e45b690f9f4e5b2310d
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
cd6fc870cdb3257ef57d431bec0c36302f6ebf108508b90516aee9678f8be6be
f68a7087c8e16af35d54d34e77a08c1b32bc1953336178cb015f2db3acf78de6
fb732d5158f07b77794c1f837cfef5f159bf7eba148e7e5dd49f583af26497b4

login.shelfpentest.com Open in urlscan Pro 52.222.236.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

68 %HTTPS

0 %IPv6

10 Domains

16 Subdomains

15 IPs

1 Countries

3779 kBTransfer

14657 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.shelfpentest.com Open in urlscan Pro
52.222.236.31 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

68 %
HTTPS

0 %
IPv6

10
Domains

16
Subdomains

15
IPs

1
Countries

3779 kB
Transfer

14657 kB
Size

6
Cookies

47 HTTP transactions
0 data transactions