shellshock.io Open in urlscan Pro
2606:4700:20::681a:894 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shellshock.io/
Effective URL:
https://shellshock.io/
Submission: On April 04 via manual (April 4th 2023, 7:38:58 am UTC) from IL — Scanned from DE

Summary HTTP 307 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 83 IPs in 8 countries across 54 domains to perform 307 HTTP transactions. The main IP is 2606:4700:20::681a:894, located in United States and belongs to CLOUDFLARENET, US. The main domain is shellshock.io. The Cisco Umbrella rank of the primary domain is 91926.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.

This is the only time shellshock.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:994	13335 (CLOUDFLAR...) (CLOUDFLARENET)
105	2606:4700:20:... 2606:4700:20::681a:894	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
2	2606:4700:310... 2606:4700:3108::ac42:2b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	93.119.15.97 93.119.15.97	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
37	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
2	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	3.67.166.194 3.67.166.194	16509 (AMAZON-02) (AMAZON-02)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 4	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.32.106.197 13.32.106.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.19.228.187 2.19.228.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2.19.228.175 2.19.228.175	16625 (AKAMAI-AS) (AKAMAI-AS)
20	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:2e00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
2 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	52.46.128.147 52.46.128.147	() ()
3	35.71.131.137 35.71.131.137	() ()
8 10	142.250.185.130 142.250.185.130	() ()
5 5	37.157.6.242 37.157.6.242	() ()
1 2	2a05:d018:d29... 2a05:d018:d29:3602:a2bd:f7af:253c:4fd	() ()
1	185.86.138.150 185.86.138.150	() ()
1 1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	() ()
1	104.18.10.47 104.18.10.47	() ()
2 2	213.155.156.184 213.155.156.184	() ()
4	185.64.189.110 185.64.189.110	() ()
1 1	185.29.134.248 185.29.134.248	() ()
2	185.64.190.80 185.64.190.80	() ()
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
3 5	67.220.226.238 67.220.226.238	() ()
1	34.251.239.167 34.251.239.167	() ()
2 2	34.111.129.221 34.111.129.221	() ()
1	34.111.131.239 34.111.131.239	() ()
3 4	54.235.69.38 54.235.69.38	() ()
1	35.204.74.118 35.204.74.118	() ()
3	2a00:1450:400... 2a00:1450:4001:812::2006	() ()
3 5	69.173.144.139 69.173.144.139	() ()
4 4	69.173.144.165 69.173.144.165	() ()
1	2620:1ec:22::14 2620:1ec:22::14	() ()
1 2	34.120.135.53 34.120.135.53	() ()
1 2	2a02:2638:3::c 2a02:2638:3::c	() ()
2	35.190.39.111 35.190.39.111	() ()
1	162.19.138.116 162.19.138.116	() ()
1	34.248.76.14 34.248.76.14	() ()
1	178.250.1.11 178.250.1.11	() ()
1	2a00:1450:400... 2a00:1450:4001:80f::2002	() ()
1	185.64.190.81 185.64.190.81	() ()
307	83

1 2606:4700:20::681a:994 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shellshock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

105 2606:4700:20::681a:894 (United States)

ASN13335 (CLOUDFLARENET, US)

shellshock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

sdk.crazygames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b42 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.119.15.97 (Leiden, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 93-119-15-97.colo.transip.net

stats.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.166.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-166-194.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adinplay-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.228.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.228.175 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-175.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2e00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (None, ) 8 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.242 (None, ) 5 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:a2bd:f7af:253c:4fd (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.150 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (None, ) 1 redirects

ASN- ()

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN- ()

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.220.226.238 (None, ) 3 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.239.167 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (None, ) 2 redirects

ASN- ()

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (None, )

ASN- ()

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.235.69.38 (None, ) 3 redirects

ASN- ()

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (None, ) 3 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (None, ) 1 redirects

ASN- ()

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (None, )

ASN- ()

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.76.14 (None, )

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
106	shellshock.io 1 redirects shellshock.io — Cisco Umbrella Rank: 91926	29 MB
37	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	1 MB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	208 KB
21	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 ad.doubleclick.net — Cisco Umbrella Rank: 172 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net	197 KB
14	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412 s.amazon-adsystem.com aax-eu.amazon-adsystem.com	66 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 498 eus.rubiconproject.com — Cisco Umbrella Rank: 577 pixel.rubiconproject.com token.rubiconproject.com	14 KB
12	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500 ads.pubmatic.com — Cisco Umbrella Rank: 509 image6.pubmatic.com — Cisco Umbrella Rank: 779 image2.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	27 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 526 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463 dsum-sec.casalemedia.com dsum.casalemedia.com	8 KB
7	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4000 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	204 KB
5	adform.net 5 redirects c1.adform.net dmp.adform.net	3 KB
5	openx.net 1 redirects adinplay-d.openx.net — Cisco Umbrella Rank: 31965 u.openx.net — Cisco Umbrella Rank: 651 oajs.openx.net google-bidout-d.openx.net	1 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 581	21 KB
4	audrte.com 3 redirects a.audrte.com	3 KB
4	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 718 gum.criteo.com mug.criteo.com	8 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	249 B
4	google.de www.google.de — Cisco Umbrella Rank: 5216 adservice.google.de — Cisco Umbrella Rank: 7832	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 473	124 KB
3	2mdn.net s0.2mdn.net	79 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr idsync.frontend.weborama.fr	898 B
3	adsrvr.org match.adsrvr.org	793 B
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1289 sync.crwdcntrl.net bcp.crwdcntrl.net	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	244 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 940 api.btloader.com — Cisco Umbrella Rank: 1036	7 KB
3	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 17847 stats.adinplay.com — Cisco Umbrella Rank: 65039 Failed	138 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	166 KB
2	rtbhouse.com esp.rtbhouse.com	315 B
2	de17a.com 2 redirects d5p.de17a.com	562 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1045 id5-sync.com	17 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 650 cdn.indexww.com	2 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 828	361 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 541 eb2.3lift.com — Cisco Umbrella Rank: 387	645 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 886	161 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 927	72 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1016	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	155 KB
1	googletagservices.com www.googletagservices.com	49 KB
1	linkedin.com px.ads.linkedin.com	866 B
1	simpli.fi um.simpli.fi	610 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 712	590 B
1	mathtag.com 1 redirects sync.mathtag.com	737 B
1	dotomi.com 1 redirects casale-match.dotomi.com	181 B
1	smartadserver.com ssbsync.smartadserver.com	75 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3449	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4136	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 670	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3194	8 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 646	400 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1030	6 KB
1	crazygames.com sdk.crazygames.com — Cisco Umbrella Rank: 49430	8 KB
307	54

	Domain	Requested by
106	shellshock.io	1 redirects shellshock.io static.cloudflareinsights.com api.adinplay.com
37	i.ytimg.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net shellshock.io 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com tpc.googlesyndication.com
10	cm.g.doubleclick.net	8 redirects eus.rubiconproject.com
6	www.google-analytics.com	shellshock.io www.google-analytics.com
5	pixel.rubiconproject.com	3 redirects eus.rubiconproject.com
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com eus.rubiconproject.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com eus.rubiconproject.com
5	www.google.com	2 redirects shellshock.io tpc.googlesyndication.com 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	api.adinplay.com securepubads.g.doubleclick.net shellshock.io
4	token.rubiconproject.com	4 redirects
4	a.audrte.com	3 redirects ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	4 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ib.adnxs.com	1 redirects api.adinplay.com acdn.adnxs.com
4	www.facebook.com	shellshock.io
4	www.gstatic.com	shellshock.io
3	s0.2mdn.net	tpc.googlesyndication.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	ssum-sec.casalemedia.com ads.pubmatic.com eus.rubiconproject.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	googleads.g.doubleclick.net	1 redirects 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
3	www.google.de	shellshock.io
3	connect.facebook.net	shellshock.io connect.facebook.net
3	c.amazon-adsystem.com	api.adinplay.com c.amazon-adsystem.com
3	cdnjs.cloudflare.com	shellshock.io cdnjs.cloudflare.com
3	fonts.googleapis.com	shellshock.io www.gstatic.com tpc.googlesyndication.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	cr.frontend.weborama.fr	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	api.adinplay.com eus.rubiconproject.com
2	ads.pubmatic.com	api.adinplay.com ads.pubmatic.com
2	991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	onetag-sys.com	api.adinplay.com
2	targeting.unrulymedia.com	api.adinplay.com
2	api.btloader.com	btloader.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	ad-delivery.net	shellshock.io
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.jsdelivr.net	api.adinplay.com securepubads.g.doubleclick.net
2	www.googletagmanager.com	shellshock.io
2	api.adinplay.com	shellshock.io api.adinplay.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.googletagservices.com	991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ssbsync.smartadserver.com	ssum-sec.casalemedia.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	acdn.adnxs.com	api.adinplay.com
1	u.openx.net	api.adinplay.com
1	eb2.3lift.com	api.adinplay.com
1	js-sec.indexww.com	api.adinplay.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	fastlane.rubiconproject.com	api.adinplay.com
1	adinplay-d.openx.net	api.adinplay.com
1	tlx.3lift.com	api.adinplay.com
1	ap.lijit.com	api.adinplay.com
1	hbopenbid.pubmatic.com	api.adinplay.com
1	htlb.casalemedia.com	api.adinplay.com
1	stats.adinplay.com	api.adinplay.com
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ad.doubleclick.net	shellshock.io
1	btloader.com	api.adinplay.com
1	imasdk.googleapis.com	api.adinplay.com
1	static.cloudflareinsights.com	shellshock.io
1	sdk.crazygames.com	shellshock.io
307	95

This site contains links to these domains. Also see Links.

Domain
www.bluewizard.com
www.shellshock.io
twitch.tv
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
store.steampowered.com
www.twitch.tv
bluewizard.com
discord.gg
html5gamepad.com
www.nvidia.com
support.amd.com
www.intel.com
discordapp.com
crazygames.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
calebokai.com GTS CA 1D4	`2023-03-16` - `2023-06-14`	3 months	crt.sh
adinplay.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-11` - `2023-04-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
stats.adinplay.com R3	`2023-02-04` - `2023-05-05`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://shellshock.io/
Frame ID: B44A9B1F7E975AA97654EADFBD176409
Requests: 223 HTTP requests in this frame

Frame: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5A0B8E71C6A89AEBFAB07BF011CC914
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 522BD9B941A22C813302D02B9E27F21D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Frame ID: 1B09DBB1CAEF94A8C455A13CAF82A9C9
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F4B76922866EB2B3B77B8768C0389025
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EF891A47887E2E44F0F79D8FF70C2A76
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1680593934065
Frame ID: CCAB5D66F03FD3713FCC159167737F02
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7D2671AD1714C7A628AB92BE1160FDEF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FDBB072FE3C04B020A5ABA3478323E3C
Requests: 3 HTTP requests in this frame

Frame: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC939770385FB35A797C84D5FDABE01A
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 5625E711DC82329B6D85D22EE99DDF1C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486
Frame ID: 2A5E57435F1607FC34D2CE117BEFEF69
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EBF49257EDC755BEC306ABFB27ADB609
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3681197B80C7F48D2FE4B081C2502E8C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9BDE0065BF5C98BDEB137634D988D030
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1579105158369455095
Frame ID: D3DC29307382DF4876B930086608B637
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a389642b-d40f-4100-b28b-b6985cddae48&gdpr=0&gdpr_consent=
Frame ID: 6C575C0069612267A49CE5EBEC98A4BD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 092BEF10CFB6A816335D5BC2C67055BF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL
Frame ID: A11E952687E9C70FD3F9DEA0F677B9DF
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: DA286F105B7D1EF6BA8670043DDF2D64
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=shellshock.io
Frame ID: 16EFC39FE8A828258F09CF207F3FBC0B
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6053C72A2B757C0D330045DE77B6A71D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shell Shockers | geometry.monster

Page URL History Show full URLs

http://shellshock.io/ HTTP 301
https://shellshock.io/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

307
Requests

93 %
HTTPS

42 %
IPv6

54
Domains

95
Subdomains

83
IPs

8
Countries

33095 kB
Transfer

107123 kB
Size

39
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bluewizard.com/privacypolicy
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.shellshock.io/

Search URL Search Domain Scan URL

URL: https://twitch.tv/talent135
Title: talent135 6 viewers

Search URL Search Domain Scan URL

URL: https://twitch.tv/elixirvolcaner8734
Title: elixirvolcaner8734 2 viewers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bluewizarddigital
Title: Vist Shell Shocker's Facebook page

Search URL Search Domain Scan URL

URL: https://twitter.com/bluewizardgames
Title: Vist Shell Shocker's Twitter page

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bluewizardgames/
Title: Vist Shell Shocker's Instagram page

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@bluewizarddigital
Title: Vist Shell Shocker's TikTok page

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/publisher/bluewizard
Title: Vist Shell Shocker's Steam page

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/bluewizarddigital
Title: Vist Shell Shocker's Twitch page

Search URL Search Domain Scan URL

URL: https://bluewizard.com/subscribe-to-the-new-yolker
Title: Vist Shell Shocker's newYolker page

Search URL Search Domain Scan URL

URL: https://discord.gg/bluewizard
Title: Vist Shell Shocker's Discord page

Search URL Search Domain Scan URL

URL: https://html5gamepad.com/
Title: html5gamepad.com

Search URL Search Domain Scan URL

URL: http://www.nvidia.com/Download/index.aspx
Title: NVIDIA

Search URL Search Domain Scan URL

URL: http://support.amd.com/en-us/download
Title: ATI

Search URL Search Domain Scan URL

URL: https://www.intel.com/content/www/us/en/support/graphics-drivers.html
Title: Intel

Search URL Search Domain Scan URL

URL: https://discordapp.com/invite/bluewizard
Title: Discord server

Search URL Search Domain Scan URL

URL: https://crazygames.com/
Title: CrazyGames

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shellshock.io/ HTTP 301
https://shellshock.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u82gCJTLqdcBENWlj7wC&hn=www.googleadservices.com&frm=0&tiba=Shell%20Shockers%20%7C%20geometry.monster&value=0&auid=2064289493.1680593923&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=A9QrZOHFIoWCmLAP7tqq6AQ&sscte=1&crd=&eitems=ChAI8JWvoQYQjc7oxoOq0_VJEh0A2nnacojZduEy6MMBIGWGxeGwX4LZFbtcDkdH_Q&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiTnVhdml4MXJlaU9fVENpN182dTdBMlItLUJjaEJVZUlEMHJ6SE50aGtweU00GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NqZTRGVlhVM29kSWEyQWZOamN2R0ItTUJ2QVBld2lQcWNOeWdLci0tU1J5LUZDTHlwRmZMVURy HTTP 302
https://www.google.com/pagead/1p-conversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u82gCJTLqdcBENWlj7wC&hn=www.googleadservices.com&frm=0&tiba=Shell%20Shockers%20%7C%20geometry.monster&value=0&auid=2064289493.1680593923&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiTnVhdml4MXJlaU9fVENpN182dTdBMlItLUJjaEJVZUlEMHJ6SE50aGtweU00GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NqZTRGVlhVM29kSWEyQWZOamN2R0ItTUJ2QVBld2lQcWNOeWdLci0tU1J5LUZDTHlwRmZMVURy&is_vtc=1&ocp_id=A9QrZOHFIoWCmLAP7tqq6AQ&eitems=ChAI8JWvoQYQjc7oxoOq0_VJEh0A2nnackIFEKEx-1bXqv0X9jz4ruoqATLaWWRpqw&random=1809020617 HTTP 302
https://www.google.de/pagead/1p-conversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u82gCJTLqdcBENWlj7wC&hn=www.googleadservices.com&frm=0&tiba=Shell%20Shockers%20%7C%20geometry.monster&value=0&auid=2064289493.1680593923&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiTnVhdml4MXJlaU9fVENpN182dTdBMlItLUJjaEJVZUlEMHJ6SE50aGtweU00GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NqZTRGVlhVM29kSWEyQWZOamN2R0ItTUJ2QVBld2lQcWNOeWdLci0tU1J5LUZDTHlwRmZMVURy&is_vtc=1&ocp_id=A9QrZOHFIoWCmLAP7tqq6AQ&eitems=ChAI8JWvoQYQjc7oxoOq0_VJEh0A2nnackIFEKEx-1bXqv0X9jz4ruoqATLaWWRpqw&random=1809020617&ipr=y&prhg=0

Request Chain 228

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 230

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 237

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP4i-pNq0c6aJAqFyZrx_DI&google_cver=1

Request Chain 240

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZCvUDvnh71y144ypr7mmfgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDzz4DpaAIJB6X5SevDnlUc&google_cver=1

Request Chain 241

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3849059396235361125&expiration=1681803535

Request Chain 244

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1680680335

Request Chain 248

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1579105158369455095

Request Chain 249

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a389642b-d40f-4100-b28b-b6985cddae48&gdpr=0&gdpr_consent=

Request Chain 251

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL

Request Chain 252

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I125sjLeRJ2LtXE1LrDIxg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 255

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=414864087 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=235DB9B2-32DE-449D-8BB5-71352EB0C8C6

Request Chain 256

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=235DB9B2-32DE-449D-8BB5-71352EB0C8C6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjUybWZ3TEpKTjdRdGlKaVpCWUg0QVpWQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=1871226279912368074&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjM1REI5QjItMzJERS00NDlELThCQjUtNzEzNTJFQjBDOEM2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrZqkEc9pdrdcdCQ-MFJAo&google_cver=1

Request Chain 260

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1871226279912368074

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJy5bRb_xvK8-1Ap7WiiP0&google_cver=1

Request Chain 270

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMzYmIwMTM1Nzk5OGMyMTI1MjBmM2JlYTVhZTM0Y2Q3OGQwZWExYw

Request Chain 271

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEcxWThJTEItQy1BVjg2 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEZx1WoWxBKKUkuPo9sC-B8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcxWThJTEItQy1BVjg2&google_push=

Request Chain 272

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=U0ldr7COSPqYK_v85c4V1Q&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0ldr7COSPqYK_v85c4V1Q

Request Chain 274

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG1Y8ILB-C-AV86

Request Chain 275

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T0u2lwEtQO22wkNPf6WMKg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T0u2lwEtQO22wkNPf6WMKg

Request Chain 276

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/WJV0RU3e-jEmvimDY7Tx0g?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lqcYpzdE2oLaZBjW_Gj.G2720kzWQaS3evls2w--~A

Request Chain 277

https://oajs.openx.net/esp?url=https%3A%2F%2Fshellshock.io%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fshellshock.io%2F&rid=esp&cc=1

Request Chain 284

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 285

https://gum.criteo.com/sid/json?origin=publishertagids&domain=shellshock.io&sn=ChromeSyncframe&so=0&topUrl=shellshock.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=rVVV2XwrVmExdzBRK1VZVkVBcWZLOEtmZ29sNDlNUUkxL1Jza2FlRFlBMnNheHM3VzFvU2srUUF4ajB2Q1VVRXhGM2tFT3diNkRmNSs2b3I3YjlHYjJWQXlwQzBIY1pQYW5kUVAxNjdUMHBpOGg0QktHb01YakpTUGc5WW5TQkxyMFNTR01YTnBhVUVDYk9vbSt1NklWNUdkZktybjBlcTY4MW5meTYxUDNkTmdrSkE0a3RMTkw0UU1zSXFHeVVkck9sdjdBNXBHYnlodFVuYk91czFlZndhMVg0MTRJOHlWMHlPZlBMazA0UXUzbE1TdHBRNGVZeHRqbjg0MUJwME5NMVl4Q1dTamhQdEVCWFFUK3lOOTVOQXhqQT09fA&cppv=2

307 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shellshock.io/
Redirect Chain

http://shellshock.io/
https://shellshock.io/

426 KB
103 KB

60ms
27ms

Document
text/html

2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2da47ba0d59b0d8510be33c0c858ed945dc71c395090b3b17fadf04b939ac7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1981
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7b27e4b1099739f1-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Apr 2023 07:38:42 GMT
last-modified: Tue, 04 Apr 2023 07:05:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BFh49ceBAgBU%2BAS%2FdmrHbqTRd%2FqDm%2B1rclX9iXD7RkLN%2F3jkLXhkBhhOLTOMZPxfsqK7gd0pWyDCFWu5ARxiRsycjgTJlp9SFxjZ%2FqACSNRR7G0ZCNCsMFHp9DJvBaQTLXKLr1obdcoifc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: EXPIRED
CF-RAY: 7b27e4af6a6b9b4b-FRA
Cache-Control: max-age=14400
Connection: keep-alive
Content-Type: text/html
Date: Tue, 04 Apr 2023 07:38:42 GMT
Location: https://shellshock.io/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jl%2Bl%2Bm2CdPbCljPCKGJAAIKuvGFl5ezZKeumVViX0nAxfu2nc52S5n0%2BQ1LxLtTBBqYRkdtnfDx1hQ3U9zLxJb8N2W7EqWKwpEaaFG3WE9UM3NYibsWIXMVu%2BFCnuwcdkke9XiZpA4l9GH0%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sigmar+One|Nunito:100,200,600,700,900

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82cce7485814c7d5b8ea1a731b02d43c7a1d5157c08b1a503575aa0e0a715537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 07:32:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Apr 2023 07:38:42 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 36ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5365321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx%2FvZhjth9FXlWQlvHiGhLro6AkwW1tHpsOnkGRfiyOgMbyCTchLALx53GlWY3FKrUT%2Fi3wDat7ygkEHm2Xys0rzWtBOnGz%2Bciu%2Bft7WISeZ5t0MUgJD3PVC5pIaSNQdO5nlqdM%2BQOhFxcTVsbui9x9Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b27e4b15bd43603-FRA
expires: Sun, 24 Mar 2024 07:38:42 GMT

GET
H2 200 transitions.css
shellshock.io/styles/ 4 KB
1 KB 25ms
22ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/transitions.css?1676508401
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b8ad27f1376c0ca1de3808d2569b6cb82eb407180e2dfe00af025437cfb83c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6251
etag: W/"63ed7cf1-1174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afVMwLG9kM2BF6ovA%2FE2A8%2BQ%2FCDTUfgtt2ACdAmrtOnw5dhF8fx2CEBpWEJseznLRovRcFNR3B%2FFxGeklfp7wD%2FEbGLEgQlvsYqGU0ezF8BEIN4Yt2PSN8zpJDHZ9Dl8RhVW1FLseYJ3Y94%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b27e4b139ca39f1-FRA

GET
H2 200 forms.css
shellshock.io/styles/ 13 KB
3 KB 30ms
28ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/forms.css?1679942598
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87dcce3aa5456b245fe1fbc2eda7172d56dbee07265ee435753e3b62c2e4e693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 266
etag: W/"6421e3c6-332a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cd5SrTnGqMJQ1y0RJCdj2NqxU%2Bxw0WINrv2JOEbuXQ6eqLkvn8vFHCoqq5bAk9XmAgLRnTguFt3z4FDXviLiIckzbg4E7x2MADqnJhTMR9YGSI7l%2B24k26FfL0r3qdmm6yVJp9OdUuOvwrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b27e4b139cc39f1-FRA

GET
H2 200 style.css
shellshock.io/styles/ 106 KB
24 KB 22ms
20ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/style.css?1679942598
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddcfb3be6f435a2a7cd9b135f188470178599fcb9941e0ebfb320c7bef605841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2383
etag: W/"6421e3c6-1a994"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1qAfgdl6IgS6OhCTgb6f1fnroqGCUHO7033aEtEGCJSkoEQDbB2ijknlI%2F2p79PYfkGCxDbGkETCdFw%2BpP%2FquyuHDZjuf9z%2FLLyCO2HRWclWaOKcPNGvEbdy5Tr9LkS%2FQ3BF0JkK%2FPiUgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b27e4b139ce39f1-FRA

GET
H2 200 game.css
shellshock.io/styles/ 32 KB
7 KB 25ms
23ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/game.css?1679942598
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a42e9a77a0916f9f3ec7d55244522228037732fb39ddf85c3caab7ff819a55d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4653
etag: W/"6421e3c6-8164"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA8%2BdEhgd8jY5mHKaN4%2BSClPJDlhQT6K8uGTTmsVls9x%2B1NuTkVhzvi9hFzGGrwguyH6MBjWRyTnDCdTc7axK5iVilfKGQn2N6Zoe0U0FtqSVxhydB%2FbDquDJGZ0k4DJM0SOrwXqNT3IXn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b27e4b139d039f1-FRA

GET
H2 200 crazygames-sdk-v1.js Show response
sdk.crazygames.com/ 40 KB
8 KB 37ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.crazygames.com/crazygames-sdk-v1.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2760782fb1e3c1e66ab5e51a5cc15cfbf6c261a067aabf61c6836cb645b0d318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 04 Apr 2023 07:38:42 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8051
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Thu, 16 Mar 2023 09:50:14 GMT
x-timer: S1680593923.785301,VS0,VE0
etag: "0f43440f76cec069dd721b9cd3fac2ea21ce960563fbe97732576dae79add2e9-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 32

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/ 498 KB
138 KB 74ms
33ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3bad9ef6cf93b3409f6bb90caa3b83d9d3f0ec600bc1a2aa79c42c9c91bc2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513193
x-host: adinplay-1
last-modified: Thu, 16 Feb 2023 13:24:57 GMT
server: cloudflare
etag: W/"63ee2ea9-7c96b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCT3fxvcWrId1nWIh9HZciPyE9%2BdwlZoQzFYwHl9E%2B5Nh8G0D8v4ZyfZ1mZlR9bIhprIG%2FugPMSEUpzChCGnWbGMdOsMrOgoF5unocUp2PFFF61GXWFLIKWGWK2oc81rmqp5WQa1hdu%2Fn8dGMb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 7b27e4b25bf0bbc5-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
82 KB 204ms
119ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-79NWRZXYCB

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26d676e7bb5f89af2596c4340d93b8a832fd37e5ff04b5bc0f8753657bb0845a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Apr 2023 07:38:42 GMT

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/9.17.2/ 28 KB
9 KB 164ms
82ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.17.2/firebase-app-compat.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f0fc7385ee9c33cf2549eb2b0e5edf52b15edc6bbabc29bd070402a620a3b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9289
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Mar 2024 18:09:57 GMT

GET
H2 200 firebase-auth-compat.js Show response
www.gstatic.com/firebasejs/9.17.2/ 123 KB
36 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.17.2/firebase-auth-compat.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b76031234284d19d4e4c7a06c89247ba303c523486ef11c27fb5b9c2cb6521bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 01:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36337
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:27:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 01:56:07 GMT

GET
H2 200 firebase-ui-auth.js Show response
www.gstatic.com/firebasejs/ui/6.0.2/ 248 KB
73 KB 174ms
93ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/ui/6.0.2/firebase-ui-auth.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb88fa22dd347860068b42f6a2de6efffdcbf70b5543d1da691bdb086e27cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 23:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74948
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 22:27:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 23:42:19 GMT

GET
H2 200 firebase-ui-auth.css
www.gstatic.com/firebasejs/ui/6.0.2/ 41 KB
8 KB 118ms
37ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/ui/6.0.2/firebase-ui-auth.css

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3e21b39b3e65e5936264bef79dfdc2a42b6f3f275dafd499eb9563c259c30c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7831
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 22:27:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Mar 2024 18:05:46 GMT

GET
H2 200 vue.min.2.6.10.js Show response
shellshock.io/js/vue/ 91 KB
35 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/js/vue/vue.min.2.6.10.js
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2382
etag: W/"63ed7cef-16deb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fg%2F03QG55cYad2jf0M8EyyS2p4JWmvhi2%2B1sFOAI4oMgwcUMuIyQpsYSjFJvWUOJRnesv5aU5MDV7YtdKZlU8hHi9%2FQf0VnysbHUIt9JNDqzYpbXEYCo7vFbkcSnPFxvPlgN2AnsYPXSeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b27e4b139d239f1-FRA

GET
H2 200 eggPose05.png
shellshock.io/img/ 62 KB
63 KB 22ms
21ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/eggPose05.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6383353070129c103b1a78f595ea41b2bbdb5b0c130e04d0076e29bb30ac8c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6251
etag: "63ed7ce4-f9ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9%2FBF069Tn6tgT72%2Ba6nGj72uPldBKzEONFyscbdQhKHB0mCg0rO%2Fp9fklMES%2F7QnrrREIuypX9b3A5enOE725Zfqssyc273OpmfddeZG%2BFMJrAsDlAwOxaW46ymNR4c43%2BzeTtLovr%2Bayo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b21b1b39f1-FRA
content-length: 63983

GET
H2 200 eggPose01.png
shellshock.io/img/ 75 KB
75 KB 30ms
29ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/eggPose01.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cba45ddd3f0fd36ffac9228945b397967fc9f39bffd93ed71e13459dcc4158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4657
etag: "63ed7ce4-12c28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVwiB%2BGO7U83Goz8bo8IFa2xL2psfqwRrDY%2FbWAehZxi5JGFtFPOLXyF5IpYXcAZKUEL%2BhRSy56iJp678MZ5R68%2BxGpiBxr5oVEoU1ugk8eaOsFGJPoPEQUVx6e9H2ouiYsC7SQDsCctmbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b21b1f39f1-FRA
content-length: 76840

GET
H2 200 black-friday-banner.jpg
shellshock.io/img/ 53 KB
53 KB 26ms
25ms Image
image/jpeg 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/black-friday-banner.jpg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224581ff43afbd9949ba9fc161fc565053ef15f3e1aacde253bba928231ab5ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
server: cloudflare
age: 2380
etag: "63ed7ce3-d250"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWPUo%2FkRR64BjAVzMJKkChSyPgaZu6umiioURUg%2F6O5IZhujMb9Iw4pZQihrcY3GHFvyJdZVtLcJarwn0fVM5yp7IMLTOE8Y2PfHNuBFIjNi7ouzsvbZtrWkVoEZSa78LzIw%2BTgr%2F1aTEtk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b21b2139f1-FRA
content-length: 53840

GET
H2 200 vb26e4fa9e5134444860be286fd8771851679335129114 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 70ms
43ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer: https://shellshock.io/
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2023.3.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b27e4b23bdb2c2e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
73 KB 133ms
52ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5MSJHJ

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

731bd9dfff0848f33e103c5e4f61b050b172511476cb163ce5b1e831e7c5f748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73836
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Apr 2023 07:38:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
755 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/ui/6.0.2/firebase-ui-auth.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

931d2a6a0b4b62f6c408c4d69166f12f9be5894f45fceb005402b86f9fa9cb26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Apr 2023 07:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 07:28:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Apr 2023 07:38:42 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 51ms
21ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230404

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e16a89b0c6e8402b109c9c7a787a0fdac2c2f79e09ee0289f3a2e22d9e1661d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13075
x-jsd-version: 1.0.1666
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"635-m8bD5v5dptfR1eHyGubHoAdf8dA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La8bGUKgO3%2B46dk9b594J4M9f%2FCTuVEDXdw2JwALXconA8BZlDOkAyhpG5AZMnICaGmB3xXfp0k%2B%2BMYuIJhrUEsSknqR4v6a2BW%2Bq4gilbZhFFpIIKQcBSVxJcCuWoHJ3A0nhsVzeb%2BlAk9BOJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b27e4b31fa62bb0-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 44ms
8ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:13:08 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 19:29:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1535
x-amz-server-side-encryption: AES256
etag: W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: kCGJVDwGqcauqc5d9ReFOCO3aliHecrjDWSnR4d6GDImF76UWXsZfA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 202ms
107ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93b050f8e4409fa77e3fa92ef7d0286807f413033d2343837f2d984aedeed945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25713
x-xss-protection: 0
server: cafe
etag: 407 / 19451 / 31073505 / config-hash: 8099576212240570919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 Apr 2023 07:38:43 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 125ms
45ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1da28e800518ff1302a3a67c4e4876910229c52554291a25b280dcd01d42ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123698
x-xss-protection: 0
expires: Tue, 04 Apr 2023 07:38:43 GMT

GET
H2 200 tag Show response
btloader.com/ 16 KB
7 KB 61ms
21ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1b892aa1194eb8b1b4b4736479e68786fc31b977ddb667d07a65b3a454fcc85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 07:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1964
etag: W/"68f53824b9c9025691b639fc2a11f2f0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FYoF9Av%2F9JNCOsoTU%2BlZES41o7r7pamqffKWqfSECqLCHVxIDEV3N3h2klWT0xIPyUTDimyrH6eZRS0XS9sAfsgNdZgS7bz4BDv%2BsAk6LdV2UjLlXz8vOScFTYqSaB4nBuaauBCqYj32w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7b27e4b32c42361f-FRA

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
371 B 21ms
21ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513199
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grlZvXcXf2BsoAzfzYwVT34uHuKxQP7fM5j9l7ad7z8V%2Fy3vwy9NQsRPQMuYKwxdQLR9tuh3gbK4T1DxkHVGulPGb11QlDi63i0hG8Kd6dExoMGvz8b1VoiKe%2B82Dg4WIUYYFRJ4Xw6mdBaN70o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7b27e4b2ec9ebbc5-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Apr 2023 07:38:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: YvtmTY00MIu8toOxhY7EC4NseMKGOm2TxlbSih9ZVC/aJPFEsttQfEmnEHDKY6TfzY1iRz56sc1aVfSg7motbw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shellshock.js Show response
shellshock.io/js/ 3 MB
597 KB 23ms
23ms XHR
application/javascript 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/js/shellshock.js?1680556034
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b92fe8592ec5916984e9d4a2cd37af9d0df8bffa1dcd9933921fd35f988ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2023 21:07:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4891
etag: W/"642b4002-296c30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zx1HxztRnFFg6z4lq6YCC0CVAL4rDdI4GIL%2BqPZ0q9bJ%2Bsp0DykEPq6szjjHMG7OzJkJRtMD7HMBZ74kafQJadUDHQxXy%2Fmc56wt5fWulkicfbFVY87D8so%2FsfHLC1PJjdy%2FG3fzqNaws1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b27e4b2fc5f39f1-FRA

GET
H2 200 vip-club-popup-background.png
shellshock.io/img/vip-club/ 163 KB
164 KB 27ms
26ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-popup-background.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/styles/style.css?1679942598
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd60a19c003cfd7697cf549e7defd622a78765daf0e10f5aec2c6e3f61a364d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/styles/style.css?1679942598
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2370
etag: "63ed7ced-28d07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnJIRO6MKom4cljzqSbU2UDZJjtvgYXiTtETgqbY%2FSap8VAJ9wJVE6AYbeDiibVKILrZWfGugP6XXRH08Qavd0t0t%2BK6Qd76SvgNlzZtwLXAas2f10rvmsEbduc1E90LT36ys2Rf3sDx3uE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b30c7739f1-FRA
content-length: 167175

GET
H2 200 vip-club-give-stuff-popup-background.jpg
shellshock.io/img/vip-club/ 62 KB
62 KB 26ms
25ms Image
image/jpeg 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-give-stuff-popup-background.jpg
Requested by: Host: shellshock.io
URL: https://shellshock.io/styles/style.css?1679942598
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff2f16b4b5d0a7d8dc536209e04d61870f4216ab2c67fe26e31421911b79e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/styles/style.css?1679942598
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 16 Feb 2023 00:46:37 GMT
server: cloudflare
age: 2370
etag: "63ed7ced-f66c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ4lHNxL1b5ph6Qato8GCvPF0op3briGbcNJ10374kyzS8aITwlL00hra72645CwR%2BVDyNxli7Zk0ezcuEqzCycUlPBJ21MUcIHT%2F0T8YZx5h549kzJ%2BwHryL01qcZeN8nfbgnMEqYZqWAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b30c7939f1-FRA
content-length: 63084

GET
H2 200 kotc-bg-popup.png
shellshock.io/img/kotc/ 107 KB
108 KB 25ms
25ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-bg-popup.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/styles/style.css?1679942598
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8ca48ea3cb0c70aed0346f6c9510abf37d1b0db0c2b0c1911da2fd3201def9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/styles/style.css?1679942598
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6252
etag: "63ed7ce6-1ade5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98sXlqW9Y4CatqJuGbuKPdw3mFDWx2LBLnv15t803kcLWYU%2B%2FJLWAvyZ11J4YIYEWbOTrFgBBYxGoSfr23WpXcszLg6zuGpy9ec3CJv2FKBmwTRj2eWk0sbYr77Jen6dpP2gytRMdE5txvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b30c7a39f1-FRA
content-length: 110053

GET
H2 200 co3DmWZ8kjZuErj9Ta3do6Tppg.woff2
fonts.gstatic.com/s/sigmarone/v16/ 42 KB
42 KB 161ms
76ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sigmarone/v16/co3DmWZ8kjZuErj9Ta3do6Tppg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sigmar+One|Nunito:100,200,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e7f97482ae0d4ab6990d049c22c207d33578cbb81a52bc6aad349f8bbd6d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 12:05:54 GMT
x-content-type-options: nosniff
age: 588769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43360
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 12:05:54 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 121ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sigmar+One|Nunito:100,200,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:35:11 GMT
x-content-type-options: nosniff
age: 594212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:35:11 GMT

GET
H2 200 BlueWizard-Logo-min.png
shellshock.io/img/ 47 KB
47 KB 21ms
20ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/BlueWizard-Logo-min.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f80755760a7307e17dfdcc0e9dba7d81e92a5a72dc864dc9a512199c2c4050d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2370
etag: "63ed7ce3-ba98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bByfh4BQQssBFIieKMGuscDWuMn0ufyKHdIfSuFBVlHMV9ozBCh9ouACfrB%2B58xlBQ6fX20EZmKxoW3oa7FOcqNlZr6tOQR2wGdeKmM0qexm4IpcErIPsZLYLJrxVkaqxmzAeJikvgSMppM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b35cef39f1-FRA
content-length: 47768

GET
H2 200 logo.svg
shellshock.io/img/ 14 KB
6 KB 23ms
22ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/logo.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186dc3174ad9f21803148ff17b7bb6b3d775da8bbad831d9dd56c7d7cc32e5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2451
etag: W/"63ed7ce6-3928"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OSZBhNO5y9mc%2BrBkaQ%2FiGbPn4JbXX82GHzz3TmwTUJFD7It54RitwF3hXK46nqME4K74VKRgtfarUQackw9Q%2BHT7n7AxIfUCotpx0WUF5GPVGNUnXNA604HI7gwqj7IHOMDtDmZ5L5z2m4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b36cf239f1-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Apr 2023 06:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 04 Apr 2023 08:05:12 GMT

GET
H2 200 en.json Show response
shellshock.io/language/ 56 KB
20 KB 30ms
30ms Fetch
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/language/en.json?0.45.3
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1b43ec28f50b5d5d69c8597cfa5da8c4b17c01be103a285fbda151e89d1d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5961
etag: W/"6421e3c6-e1c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3wKsIJBUeAAMqdcOfEqRYxM76IcxK5eyWZpRLXroHJ9pgztbxXugEWr4QcELWIKmNKKjLbaQZIb8U%2Bf9pZd3wuj0OYzmL8ssi1Gv6%2BBTTtMw4A0frv9rPJHMcVsS%2BHhsHY6WqLsHErZj%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=14400
cf-ray: 7b27e4b45e1c39f1-FRA

GET
H2 200 771186996377132 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/771186996377132?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fb49348506571e1cae7fe87ee3d2ab4c79b64a042ca83250ba5049445a834fb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Apr 2023 07:38:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110240
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VUhKO9m4X7RZi27ZOJ9e89LpXJjCvYLEp1SyqsHgwbRF+iS6yQEYb6/bhMNendS+iCujLAECE5piQIdpmTf1UA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 8ms
3ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshellshock.io&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 02:08:50 GMT
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 19793
x-cache: Hit from cloudfront
access-control-allow-origin: https://shellshock.io
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: r7QFNaDfTtun8sdf3YTF0pnF1pKqEWQ2qFngXJD924VcII38yQf9Dg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
7ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:16:12 GMT
x-amz-version-id: F_FDbbUyUmFtmAPMghF.UJjGVPnjBMtx
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 37352
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Apr 2023 21:14:40 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: m6jhMOaJ2JnBnFe8zi-uxCCXHbRDMzbByomp74CMJy2Q0WGgVXjpcw==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
942 B 62ms
23ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1065194
x-guploader-uploadid: ADPycduKMNA_PU7NldbV0i1WEIlPIOsjtEM86-p_9QwpPEa1_APcDlMi-VDBq92XkYRXqZed3THppS9luNffuUVYTTnlpQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlQZCumTj0DBokg1ID7mv%2FJc74Yl%2FarkjRLLuab%2FaBicQP4p90VvpmDDXTlAIXCrM5UOJlEtRa5ASVroyM6aiscp21r%2Bh%2Bv5R%2Fjs5k4LAobvDt2vmxvE3JCtfVH6NJ6UI1C7YcN9ZimwzxCUTg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b27e4b52f933636-FRA
expires: Thu, 23 Mar 2023 00:14:54 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 131ms
35ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 08:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85122
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Apr 2023 08:00:01 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 25ms
25ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.26720557554286595
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1065194
x-guploader-uploadid: ADPycduKMNA_PU7NldbV0i1WEIlPIOsjtEM86-p_9QwpPEa1_APcDlMi-VDBq92XkYRXqZed3THppS9luNffuUVYTTnlpQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7tY8QqG9eN5nHuJnhrqWrelkeZpLNcr%2FTgM%2FF1b79x2tq%2BP4DyD6AHw%2FsY0s5s4gzCMNUbWfbnDGh65jI5yLapnJ5hIgyG62CvAnobl95k8Jp%2FCPTfhH6s4lbBRwgAtMXVIvWWbRGv5DmXKhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b27e4b52fa03636-FRA
expires: Thu, 23 Mar 2023 00:14:54 GMT

GET
H2 200 hotjar-1519513.js Show response
static.hotjar.com/c/ 9 KB
4 KB 66ms
11ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1519513.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5MSJHJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

7c764db8675ea95c34aaead23bfc0515908851866250623a4cb8d8bfa61c0844

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 04 Apr 2023 07:38:43 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/303b79f5f428066c3616e7bd4fd6f616
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 8vHlT4QaAInVzjqOVK4902KUOqROhFegxogNFSo4GEZBM92rSxIttg==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/662950613/ 3 KB
2 KB 154ms
51ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/662950613/?random=1680593923437&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u82gCJTLqdcBENWlj7wC&hn=www.googleadservices.com&frm=0&tiba=Shell%20Shockers%20%7C%20geometry.monster&value=0&bttype=purchase&auid=2064289493.1680593923&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5MSJHJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

01f48d4ad7e3b0f6bebcecad3355baf3903eb8a81e562d810c1f92ebf9b5e492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1593
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
243 B 50ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-79NWRZXYCB&gtm=45je3430&_p=1193205017&_gaz=1&cid=814442709.1680593924&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680593923&sct=1&seg=0&dl=https%3A%2F%2Fshellshock.io%2F&dt=Shell%20Shockers%20%7C%20geometry.monster&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79NWRZXYCB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 56ms
18ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-79NWRZXYCB&cid=814442709.1680593924&gtm=45je3430&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79NWRZXYCB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 126ms
46ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-79NWRZXYCB&cid=814442709.1680593924&gtm=45je3430&aip=1&z=888721383

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/ 398 KB
124 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d78a56b4032d865ca4c9cb5422da6dac5d900d3283db93a4c9ac0f74de42d56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 20:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39279
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126446
x-xss-protection: 0
server: cafe
etag: 4941339907610559183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 02 Apr 2024 20:44:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
452 B 142ms
70ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shellshock.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fb287e168fe0f0fea43cc2de689086c5318afa4b78b80f637a40b27305ec2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 427
x-xss-protection: 0
expires: Tue, 04 Apr 2023 07:38:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 48ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1193205017&t=pageview&_s=1&dl=https%3A%2F%2Fshellshock.io%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers%20%7C%20geometry.monster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAIC~&jid=1244600693&gjid=1722621261&cid=814442709.1680593924&tid=UA-105800112-1&_gid=176234086.1680593924&_r=1&_slc=1&z=335409938

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 155ms
115ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 159ms
120ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=kPF2qW7c1d&w=5162113731919872&o=5130683165442048&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fshellshock.io%2F&sid=E6gKjWEWz&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 Apr 2023 07:38:43 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 crown.svg
shellshock.io/img/kotc/ 874 B
669 B 21ms
21ms Other
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/img/kotc/crown.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/js/vue/vue.min.2.6.10.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bea97cade95d292d8d504b1581bdc255ecdc6aa0433361bcc3e95a1062f3d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 265
etag: W/"63ed7ce6-36a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWyCI9a83uhv%2Fe8uVTr%2BVLKtZNhLNgmrl%2B5m92YBUz1cw3H1dfM0Bp5ZcLlxyGJMImf7PGnSbioSZOdA4fo2pxFxrQsXjjFGRrDS5f%2Fu9hBzfpjhjQMRjRZfBZZuFOKB92IZDb4pDRJTa%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b80a6439f1-FRA

GET
H2 200 ico_goldenEgg_callout.svg
shellshock.io/img/svg/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/svg/ico_goldenEgg_callout.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1732bdb70b78d23d2b8f569e11a0fa9cfbe8c97f83b4d14c6187f48a7bcfbbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"63f6b1e7-5a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otpp%2B1koGoP5rmEFTAPXx4mUsXB12qCcmZC4FrSI%2BGDOsy%2F%2FLtx%2B7IieWJfZqdBb%2Bi%2BVcJWLI4Gd0mvSXp7kaA9DUu2VNX5KGrcY9Vi6naO2sesVF%2BtbA%2FR6PXY0RPu4uRf3uxtztK7K7fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b8bb3339f1-FRA

GET
H2 200 mobile-double-eggs-for-kills.png
shellshock.io/img/events/ 34 KB
35 KB 21ms
20ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/events/mobile-double-eggs-for-kills.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df702d057a788c0510cc3c666d1a7d9e7cd40f4d10eec395f2bb5d8822fb4346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: "63f6b1e7-897a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmyUyfWxi%2FmSZjLOlQhZ3ZOW%2BSa7gro8XOmXrLLFrV9gzMMpCrmyPHxEHPeROTyW9nXC6a0k0LoSe2e4vcMFZ2BGB56b6ZVnCC5DKjuM%2FBXyaXY9UKNMHcmcveDiDy6NnsuQqgXKXFbSMik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b8bb3639f1-FRA
content-length: 35194

GET
H2 200 chickLoop_sleep.svg
shellshock.io/img/chicken-nugget/ 130 KB
19 KB 25ms
24ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/chicken-nugget/chickLoop_sleep.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a776afe2912e17ecbb37612670852711fbff04ac8d55b55e8c5da2b082f47b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2233
etag: W/"63ed7ce3-20979"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7amsFAOQxfBNUd4%2FG1r8tVLBNQt4L7thjv8b%2BhddOju4nUNbVjHKXnMH9d2u18OL6tS1QWbz9gNiC9kgJJONtQ%2F0vm5%2BIJsGpxGg3fjBrS6x4lAm68dTboh4qMtY6nM5qpU88yjb8oal%2FCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b8bb3839f1-FRA

GET
H2 200 hero-vs-monster-bar.png
shellshock.io/img/gauge-bar/ 191 KB
191 KB 22ms
21ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/gauge-bar/hero-vs-monster-bar.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a5a1cdc0e98c01e8830bd44ff290c5e538c7bf7dfd2fa5b99e5cb922c1cf5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 265
etag: "6421e3c6-2fb67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B2NJX3GWv1dXN5muxw99WTI2gsufM9LW4m14I9GR1TJpRUg6EQtYwNMQZ4dDNjrqiRTdPB7nv9dungEswQk0ULA6RYO%2BABziAGxOXmLgvK%2FeBMNJyO5j%2BmyxcUDRFQCYYJgLdC5whgx%2B6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b8bb3939f1-FRA
content-length: 195431

GET
H2 200 hero-vs-monster-pointer.svg
shellshock.io/img/gauge-bar/ 65 KB
37 KB 23ms
23ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/gauge-bar/hero-vs-monster-pointer.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d66a2c6137972d9f4038f69fa0285f02811851d7a96554b3403801416f87e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"6421e3c6-10285"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chMmpqVi3vFNOj18xILc8kUeJV%2FbGmRQ8vdf0Rp%2FvJoFRLek8hLk39sOIxdwz76klbZ2oASQx9AZnot2L39YVSdrXKoyJIkP4bLuFKRHJ0AVLkSnbJ1c3IpG6EE4zVNAYQboprEQLj5kGfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b8bb3a39f1-FRA

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 13ms
12ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3392985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPEdKzFwbeVjK3cq8M2rm4dRCG4kV25dOE1PYFUv5lJKHBWTQq3k%2FqWUrE189itpMtY9OJeCOXi%2FgX4vvbpgftH3ou6iEEHayZ4PlJRlmehtyks5w5c%2F0zHJRWP70MG8Q8eosjVC5BLebEnXW%2FITbKPa"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b27e4b8ed863603-FRA
expires: Sun, 24 Mar 2024 07:38:43 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 19ms
19ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:43 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2987966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77400
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-12e58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtFTs59Rt9yaG8lBiW0N4A3ytCmRpuWGwoWydaCkqv89%2BI69Fdm%2Fy5n0XSNuhphfvv1UF1Nx7oioMQFBCkFDhxsm9he2MPH%2FKY%2BgEbDMjnW4nf%2B%2BtjxMOKTxkrDT2bxY2utKV%2Fz%2Bdta19%2BS1%2Ftyir4e7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b27e4b8ed873603-FRA
expires: Sun, 24 Mar 2024 07:38:43 GMT

GET
H2 200 sounds.json Show response
shellshock.io/sound/ 14 KB
3 KB 25ms
19ms Fetch
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/sound/sounds.json?0.45.3
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668a309fb9b471bf698f106c018060845851d40063ffc1fdfc1802aee8d68d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: W/"6421e3c6-3990"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQAZ1XeRTrFj72ffqQLbWgIZcVKLnJk2%2Bbkh1uV0dIGTZAA5q474RDpmU%2BjJkON5II78UvALvUOoAOtKFVabzIxHkiLRTyASvnvjtrColi5T59DWUb31wrsKfXHSfOY3ESWHRq3XLzy2cV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=14400
cf-ray: 7b27e4b98c1b39f1-FRA

GET
H2 200 blue-wizard-logo-tiny-min.png
shellshock.io/img/ 4 KB
4 KB 28ms
20ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/blue-wizard-logo-tiny-min.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e2562f7fde7fdc20e3ac0df2a98e349b8d30a25b912f736f6c33ac917f5fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce3-1031"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qy9NOd0d3f6fq1qp7CVfZxTlvnjL%2FzukcytVVyw2xHmGD2dZ%2BE1Pi4fu7aQFgoYExbSvmjHMAgODbI1JdntM8uRvW%2FXNMdkpFJnNf%2FnUrA1%2BPixppZSeQCxYX27jkRPKvTIcNWGfr4t%2B188%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c2339f1-FRA
content-length: 4145

GET
H2 200 shell_E&E_good_popup.png
shellshock.io/img/gauge-bar/ 38 KB
38 KB 27ms
19ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/gauge-bar/shell_E&E_good_popup.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00687b8ed69aac03a599a57e1790d4731b18794841e9c77aec9f4dbe8298073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 266
etag: "6421e3c6-975e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRs0vx9L7AJEUa8R537YqdGIyJgPPQR0wm9EkztrdsEegqDn%2Ba%2BqPAHNHTN%2BfaInnGAG%2FiVfEFKh7A%2Fce9kcXBpmrymkqFNoJYQqpjN1luBtynakeHAfjeLhHu%2BPDhDEbMwtSE4T3CVQUs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c2539f1-FRA
content-length: 38750

GET
H2 200 shell_E&E_evil_popup.png
shellshock.io/img/gauge-bar/ 34 KB
35 KB 33ms
26ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/gauge-bar/shell_E&E_evil_popup.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a217c24c9ae8e15f78df4ad388de9a7f1e82203eba57da769be2b3ce6929bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "6421e3c6-8901"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIDcSh4YR9ZJcspiQPnGqfVsDC4rgj0fkPD4ALS77AsAf4%2FJih9znZAbbn2PQXCjiPdCZBWQ11ywiS7%2FCl9s0II482l93NbhFgP0uQDslMhx5ugTI%2BnKDKGWes2pujLaPNG5KFRW3Jc9HEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c2739f1-FRA
content-length: 35073

GET
H2 200 ico_goldenEgg.png
shellshock.io/img/ 2 KB
2 KB 29ms
22ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_goldenEgg.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc493724fbc4c37c524b9bb01e40df75b7250e7e61e2424823305e301ed9d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce4-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Izua0tx1RutTJhZm8D0hIfcExZVqQPnqh4%2B90f6KSyoOtlmtxjM37CwTYXcT8uQJBHpvatL7%2B7Ns8if%2BT8dtyh0f5r3OZq58j73w6HcgfHTSk5scH1u7Xd%2Bf3jwK9SFgfn43WWcQ4N%2BC5Cg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c2939f1-FRA
content-length: 1592

GET
H2 200 vip-club-popup-emblem.png
shellshock.io/img/vip-club/ 12 KB
12 KB 27ms
21ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-popup-emblem.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b2e2c077d8eed77b8721414493cf1d515d2ab6167f29021fb7daf88f78471e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 266
etag: "63ed7ced-2e60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buUSHYgPtm9ZqLpw3zWI%2Bxjqlczj90Gl4EcmzjWkU9qNgfc6m3jF5ySRRYMQL4LQUpcc2LNiBw6GRQo%2Bh%2B0wffZVOGuRYotBNdxS4Kmf%2BZ%2BGR4pdyPPPZxgAlRNX7%2FNWMEsnObWs4%2BNV0H8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c2a39f1-FRA
content-length: 11872

GET
H2 200 ico_grenadeEmpty.png
shellshock.io/img/ 5 KB
5 KB 28ms
21ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_grenadeEmpty.png?v=1
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833512d7323dfa598388f61ca00aa0a907c744c80490337f17407313d49fd001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce5-1340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xghhPwCPcsPuV1lU9yBLj21RpLrbrzGJjRS1bDMmTfYE9E%2BsDdF6XMlhDSe1g8Pq79KG4%2B7zihTyIimpZytcZSfmUOs%2BwXzzfICngCV%2BYowqmYIiW238XZ8PJPYYpwmmGKY4BZbT6UmLN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c2d39f1-FRA
content-length: 4928

GET
H2 200 hardBoiledEmpty.png
shellshock.io/img/ 4 KB
5 KB 30ms
24ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/hardBoiledEmpty.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d021284a3c9a0aa722c49db61768a76df22a12772567e4debe0c2410a89fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2233
etag: "63ed7ce4-10f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFlmdQbs4V4Mbj5tKAY%2BWGRbBA204rawxo%2FpWlvy%2BRG%2Bf%2FZVOBT0Qio%2BC8jnksr1DSd6uLICy3BpguXkAZzMfM1QQDOqgbmjCpaGW1rybAx8awTCi7OogtSHxVM15TQ5%2BKxJwjaUbbvAu1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c2e39f1-FRA
content-length: 4344

GET
H2 200 hardBoiledFilled.png
shellshock.io/img/ 4 KB
4 KB 30ms
23ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/hardBoiledFilled.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7a4d3334819d42546afef980db7d5fb63231ebe93969fad0f2d76ee9bc9951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce4-100f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWCETdbJSTPeuFGW8f5%2F4cC1kaG2t6qcObLGIPmPSXu1vTSdSpGQIkiXOw0exYROWVUQmlnUDE3zsmmrIPf%2FYZgutJayMv%2ByKrRmh1fH%2F%2BQGJVZdf1e1me5WOgUz9rnLYPAr0dAZsBlttTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c3039f1-FRA
content-length: 4111

GET
H2 200 ico_eggBreaker.png
shellshock.io/img/ 32 KB
32 KB 29ms
22ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_eggBreaker.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7748c982c0a1b855637f9751d39be5e51194d6c635ffd17666929adbe2c6fa20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce4-7e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50S%2FyIzf4vzhxM8DGOML7JBC1E1taB4fmDcjz%2Fk5gb49LDiD5NgDk%2F%2FekIh07y0Wluqqwchd1Q%2F0j7OimcVDQb3zJTp3VmY4KlN9iPAFfuwnxVeqwxak7Y0x3ybhn8hkNgb4%2B1obCLxGOuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b98c3239f1-FRA
content-length: 32260

GET
H2 200 spatulaIcon.png
shellshock.io/img/ 19 KB
19 KB 41ms
35ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/spatulaIcon.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f47ecaa3aa4df505f824ac81a03f970675d8e39b38134187c5d1b5402af9cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce9-4bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrd1OzO5E%2FpItv3zCrOHmUe%2BPvQ2TauZdtWp7jqG8fFfUt7HiHWWcYiUYxZePkkkqV9p0NsoJMVmnBPRVJDI7k3ZOcHH14SORSUlAKM%2FXIBArJc%2BsZo54WEa1qGuEGVkBwYhjaINuq9ld0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac4239f1-FRA
content-length: 19392

GET
H2 200 egg_pack_small.png
shellshock.io/img/ 31 KB
32 KB 39ms
33ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/egg_pack_small.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07d109d2618b2a12c1d5e2bace1a9d974b32bbd852a5f09fdf5f146a713ded4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce4-7d44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXxMDFrXEJB4%2BK3X14%2FJ6dXNNIYFznQLNDJQ%2B8F%2FmxK%2BwjoZ00F9kZjrvENP6QI6uFh24BKOrqdo79fQQxVe9Yz%2B8YwV5OFwi4BzT%2BjDzkiPI10J6E8HYu%2F3gJXW9B9v97W9LxjDU2Z5S3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac4339f1-FRA
content-length: 32068

GET
H2 200 ico_keyboard.svg
shellshock.io/img/ 1 KB
646 B 39ms
33ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_keyboard.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9751aa51126a5018b63433052703ef3e228c5f713b34ef46cd3310c1f0d736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 265
etag: W/"63ed7ce5-5a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyiAH%2B%2FD56AhUFiqA1UUtW3wDIZMXDjndw2aqbOBAH51%2BoRcA7xxprZIc20PfKJpWeXYyYE9LQpzs%2BEPDEvUu5r%2B9VAEpT%2F2vOsxwCBR52afx2BCP60WjQbet%2BO73V8tn9lJRmHDZAHG0eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac4539f1-FRA

GET
H2 200 ico_mouse.svg
shellshock.io/img/ 723 B
790 B 38ms
32ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_mouse.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1ec3a17b70fd364702b74bc20cba6bc9f9ccdb89a87c75828f5bddf65f18d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: W/"63ed7ce5-2d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPyuSSS8UdtKgNcmXoBxJLz%2F89a%2BGNeWnLIMREyHPk8rdEDXSsPc3sonDFtAHZcfSsBjTeR3OjR%2FmisOwXVP6SgttKDzXUBcemxqCyYXTKomrpOeNyKGIM2kABERMmNfJWtrEN127VGF2Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac4639f1-FRA

GET
H2 200 ico_gamepad.svg
shellshock.io/img/ 2 KB
1 KB 41ms
35ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_gamepad.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0ddf66aa6bd54b388f0283cc65ba224d660af6f92525e47bb74a35813ab43e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: W/"63ed7ce4-80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWon1d39iIGYZadk2F13ppxvuyVyf2lzMYgz7KwWPjOSpDN2kYmuGUSjm%2BtZ1zr4qMi%2BfpliHvwwuCiDzMBsgRAw1YmISia2iuWyqwb4Jfw9altQNoTCzWkjmF5BSz6HnouVNIQSWDsCeDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac4839f1-FRA

GET
H2 200 ico_monitor.svg
shellshock.io/img/ 598 B
650 B 42ms
36ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_monitor.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe964bd56c9b38868eb7572a38984a4e358d96bdab15a87b6be1bfe4f2a9d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 265
etag: W/"63ed7ce5-256"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eY5GEYkr9HrIPKKtIdySFFk96Lt7u7%2B1BNTOWL0OKvYwRzkG1LYxB%2FQ37AxgiskVLw9lA5WwVp6gdbESak9eGvaE3fQZPPztvJtyiejoaJcOP%2B9L%2F8JWILIHqrf7369u0RFONaObV5wSA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac4a39f1-FRA

GET
H2 200 ico_speaker.svg
shellshock.io/img/ 1 KB
1 KB 41ms
36ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_speaker.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b4fd36123c14417d71cbc5521b24e45cb4cd06069695f807a8e56f49c1f1379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 265
etag: W/"63ed7ce5-57b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWr2AL1HGQIkyK8tlKgZe82XZRzbn55jhxfeG5g7LHJGo0WgNXfQgv1uaGvt2WOAoxCe%2FWXJUgf%2BKI50kedCdRWbGu1XbyMjftlCtrgv2w9%2Br%2BHZ5dUNcZk5k4qfspAGcOkmLkUb5prCXUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac4b39f1-FRA

GET
H2 200 ico_privacy.svg
shellshock.io/img/ 1 KB
960 B 39ms
34ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_privacy.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cb52e9f970e689a29564b8727a93e10c31a723f707221a08e2bc343b450bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3991
etag: W/"63ed7ce5-4fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nfl0rZcV1iwmOAg9aF1B0calng8GGGWFeXhElK9A%2F3TnTmAkKm%2BXHNY%2BNWR3mjFnbhxejMeQm4n63Dn7SvjqGU4RlbKpzuVmT9DTSIrKE2mmSBdxkTDOezh6Ul76TAS4X2UQzCG9Dg1e9Lo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac4c39f1-FRA

GET
H2 200 very-important-poultry.png
shellshock.io/img/vip-club/ 4 KB
5 KB 45ms
40ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/very-important-poultry.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794e2e3d154a35b23045dc4a054775cff072da54289cc5d8f9ab9048c04bf939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ced-10ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FkLTcWpBBn9jLGCfU1yTY%2Bt9wkdY0iglPUclbdAi1Vofe%2FekVb3LgERKqsAAS6tKYN11dw6jVXp6Pz%2B0jOhmlGriXYXdq5qi14YsT%2FOixYbRTxcr4DTaIFeLsfdXAD4FSgMUcg9oxvOSaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac4e39f1-FRA
content-length: 4302

GET
H2 200 rickroll.gif
shellshock.io/img/ 2 MB
2 MB 42ms
37ms Image
image/gif 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/rickroll.gif
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ab144efb12def335355d06e7da59e797903ff70478f61102b4f7c41ca49f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce8-22b59d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsH6K7iOJnUPTW3JIdL1bw8RXTkBP3Y3pfcA2wOsatxAjByHaCxGjDewfaiR%2FkB%2FBq6%2F7DuQ5832Njg0Hio88s1lyrTfP4hp4SpfcqIrIv1fMI7EN8QERX6xrQGXTxvtBnIiqBnovMUzxDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac5039f1-FRA
content-length: 2274717

GET
H2 200 eggOrg_timeTravel_splash800x600-min.png
shellshock.io/img/egg-org/ 215 KB
215 KB 47ms
43ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/egg-org/eggOrg_timeTravel_splash800x600-min.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a9064f74f737966bf0fb51493c888362ecd57089e100798b6c6f3f6ac5e3873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce3-35bb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doiOHVoZCw89etPvlOH3tWy%2FQ%2Fq0lUWiGyUpt4Bvwpf3OYlLc7BewlfQh%2Fgl0ajA2HUt%2BcnUaUDfJo9kqpd5b1WUgyxWSJuytQAfteZUsZIurpTkkpJaIlAHn4ZQ4DvFh8mSExMxY%2FIoK3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac5139f1-FRA
content-length: 220085

GET
H2 200 Egg00.svg
shellshock.io/img/incentivized-mini-game/svg/ 2 KB
1 KB 46ms
41ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/incentivized-mini-game/svg/Egg00.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d8a41675755d939804e3e363decdb7277191065873eee7ffaae995d9bd0e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: W/"63ed7ce6-7d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2IXeWHBNLtkXf2KReWlV%2BujRtSLjK87%2F%2BaqyKzJVXBbv3ZZuWnOfr44gW7tbnWIyoykSkdL9LmpcHoMHwTPf4Tdyt84oUY3tcVvFm8zSSrla3%2BhaXdhy1t5M7KM7JcFPdhBI7QU5knGnRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac5239f1-FRA

GET
H2 200 chickLoop_daily_limit.svg
shellshock.io/img/chicken-nugget/ 31 KB
9 KB 47ms
42ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/chicken-nugget/chickLoop_daily_limit.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad111f524ff10be86c8a370f961a57c4930f78cdc09ee55257addf45d1ee78a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 266
etag: W/"63ed7ce3-7c4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTCU98rzZgqTFrQmskx%2BHMRkjdMmAk9sS7vbADSJ%2BwKd%2FO7uTe0y1ZXa9RjUsOsNYU8hPe8UmU5oazIJHsTi0XJUKnC3pj3Nh%2Fjr47tJT%2BVlxz2xTQXc1RPSZNVaeRscoofoJYZQX2cpJZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac5339f1-FRA

GET
H2 200 favicon192.png
shellshock.io/ 15 KB
15 KB 49ms
45ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/favicon192.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6be857b91742850113f3609e1c7b445f52b2eefad82f51a45eee5f29e159381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3991
etag: "63ed7ce3-3bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3uu5QohLtjXICcbWHJsnLgqVy70R5K6jDH6KXpR0Z7Nt7iv4V9xJAMP2kahfTenLx7iRErjHFE6G%2B6iY3LyFc8FsgfMnMkGFpcQ0n6t3vbsD4YmS85tom8vFpYHz7WFoTz3fXHhSPHTF%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac5639f1-FRA
content-length: 15352

GET
H2 200 shellshockers-unite-lg.png
shellshock.io/img/ 564 KB
565 KB 44ms
40ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/shellshockers-unite-lg.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c21c94b172942d124a1633b6410fc7c946878918276cf0d9dcb313e964ec477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "63ed7ce8-8d045"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JubafXmtWVpqS5EBaNZ7i%2Fcul82oQ3Yzybpc0rLc4Ifh35ueQlGYQe1mbC0AfxxNDeBgrjZIwMMvmPzyhN7k3E8tZlBGCD5k5nEEOlf%2B%2BugrAP6RoW%2BchoIB7luYy6hf%2BljIS5jam4yVTWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac5739f1-FRA
content-length: 577605

GET
H2 200 shell-mobile-popup-bg-qr.png
shellshock.io/img/events/ 208 KB
208 KB 44ms
40ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/events/shell-mobile-popup-bg-qr.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42c3388877fffd8ed5ecb5a92eb2b2f7a374a89112f60cf306ddbbc7447a894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "6421e3c6-33fc6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG8HdFwdDVN%2FzhojQpxlxJMMluTII4enpr952uJN1qbVrjQBtfAiorld8Nnq3QOr5ypce6jnvExC4qz3fcSpqpIYj3hCP6sXnDeWmgK%2FeImvUrjDo0u7D2S%2BpvoTKJwpO6RWaVsgWlZ3ucs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac5839f1-FRA
content-length: 212934

GET
H2 200 kotc-wordmark.svg
shellshock.io/img/kotc/ 42 KB
15 KB 56ms
53ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-wordmark.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e20387329d37cd605e35c3513e9025cc8a029c24321b1f2946837bb101c2654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: W/"63ed7ce6-a802"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsj%2Bpy0wZnI2imUC6quGKKo0GEG2Dcr7fiCvtvJbombezojLE0Rhoj%2Bq7KN2N0FvXKlYemOeGyDSmI5CLsUQL2kvy7TmIBMsQkI86Ui9LkyIt%2FFAmdhpAG6Cr4qEiRend6rHkrk7PbaO9LE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac5a39f1-FRA

GET
H2 200 kotc-arrow.svg
shellshock.io/img/kotc/ 2 KB
1 KB 43ms
39ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-arrow.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a928b4ea4c4e420dfd86e2c1c03608f6ecd18e5ce7c495d3d44e5228db3b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: W/"63ed7ce6-89b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75w1BfgMlf6HhsgnUiHHDNZ6Qk6k9QyC8eCUG420%2FOlQ0cP8TlVEaLp6wwYW%2BXFxdMsZlZw639IpgU1JikPXJ%2BAi1AM2OAzI17q7CE41Qql3rJK6jGcaKZ6fmh5KEu7OBl80EHtw3HEqwHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac5b39f1-FRA

GET
H2 200 kotc-rooster.svg
shellshock.io/img/kotc/ 36 KB
16 KB 49ms
46ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-rooster.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da93c421ca12d7c35660be31634b957c0985b922d6922ab8c85ce9382e0a885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 266
etag: W/"63ed7ce6-9183"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KA0oKtuM4CwSBvX0E%2BYXK2fUXl9ANgQyZbXx3PC%2FEglXCOa6zBC96%2FTjJz6IG7rNdLEeyNcp%2FKZMrc%2FmMAbIGmpm7q%2FibBwGbGhk5jPbA1llwsZ4u%2FJVyrJdYu5yqe1RHQLt1aaObw6sYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac5c39f1-FRA

GET
H2 200 kotc-crown.svg
shellshock.io/img/kotc/ 759 B
748 B 51ms
47ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-crown.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0746d96fa606597d2e7152e2df6f261b4792fa59239a78bb15782779b66ebe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 265
etag: W/"63ed7ce6-2f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIaHGv9idUBjFnL2VonEkFP5tC2rGdpVI6AxmnxPs3aQ5ROS3LKEAaBIdgRkrZIx6hdXmDX9G4v%2BiBL9tW5cPUzW40y61NtIF6gtPlM0Bh3nfLpSh2WHIC59WYKHzp%2BiNPKZZLft7RWjuZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e4b9ac5d39f1-FRA

GET
H2 200 scavenger-800x600.png
shellshock.io/img/ 203 KB
204 KB 58ms
55ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/scavenger-800x600.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2205593272633bfa6b25210a30b78e85a535f08ae47133968b9b53d4dd0af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 266
etag: "63ed7ce8-32c30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xsw%2F3L8%2BEtEAhg7Dzk8zRC8QK8B7wM3qAtg0it5Jh3KddYnNoKr3Tq6w63OuCfc%2BDZc1uPRQeUunjNLReMPe6NLUpuoWEeXSFDEQe5PK5uprjLTQzDIu6TdXsTwcDmAS5nIUJTKkmUH2Nxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4b9ac5e39f1-FRA
content-length: 207920

GET
H2 200 stamps.png
shellshock.io/img/ 4 MB
4 MB 20ms
20ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/stamps.png?v=0.45.3
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907bf3d289d6fd66e4a8a6db2a5525db13a9a0d2afd8f8c9509cad67afa93258

Request headers

Referer: https://shellshock.io/
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2317
etag: "6421e3c6-440af1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5lE5SomXiAgb9Tepjbj9aqwUdy3seoAAzxJa3UdeHBpqRKyLq3kPfZZfQxSm6AXdOcleupSgKodHBX12c11Z%2BkMXGVkPE83Lg6fQAl3pLp8Ts%2FZOV5lwDXk%2B88CH2y0GEuzFna0nWaPRj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4ba8d5639f1-FRA
content-length: 4459249

GET
H3 200 446896919250308 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 71ms
71ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/446896919250308?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df77dfa7cc025d9c7b2f0409b18ca04f0078b42f1d6d3e9419cc44f2e602d3d9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Apr 2023 07:38:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110635
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JxbnVfW1P+9tnuIF0asBMEVyBVzOkBYz8CIjTlheD4gAAScrHSbJGsKzYT87z30WmZx4jKHzVcHnBLKo8vUqWw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=771186996377132&ev=PageView&dl=https%3A%2F%2Fshellshock.io%2F&rl=&if=false&ts=1680593924301&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680593924300.1949447640&it=1680593923264&coo=false&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Apr 2023 07:38:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 modules.1e98293c16a88afdf1b7.js Show response
script.hotjar.com/ 264 KB
68 KB 35ms
8ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1e98293c16a88afdf1b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1519513.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

ffff0fc34709b98f45dabec8ba97979b20603c20722afb3714bd705498412943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 14:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 61177
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69013
last-modified: Mon, 03 Apr 2023 14:38:27 GMT
etag: "5bc14a2e605f41bce39f438a5b3b8df2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cVvvU9j-ThsHK_QYQYK4R8jxdrwZNILI-6oQGSSoB2j3ltT9sSDwcQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-105800112-1&cid=814442709.1680593924&jid=1244600693&gjid=1722621261&_gid=176234086.1680593924&_u=IADAAEAAAAAAACAAIC~&z=663557398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Apr 2023 07:38:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/662950613/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshel...
https://www.google.com/pagead/1p-conversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u8...
https://www.google.de/pagead/1p-conversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u82...

42 B
64 B

67ms
66ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u82gCJTLqdcBENWlj7wC&hn=www.googleadservices.com&frm=0&tiba=Shell%20Shockers%20%7C%20geometry.monster&value=0&auid=2064289493.1680593923&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiTnVhdml4MXJlaU9fVENpN182dTdBMlItLUJjaEJVZUlEMHJ6SE50aGtweU00GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NqZTRGVlhVM29kSWEyQWZOamN2R0ItTUJ2QVBld2lQcWNOeWdLci0tU1J5LUZDTHlwRmZMVURy&is_vtc=1&ocp_id=A9QrZOHFIoWCmLAP7tqq6AQ&eitems=ChAI8JWvoQYQjc7oxoOq0_VJEh0A2nnackIFEKEx-1bXqv0X9jz4ruoqATLaWWRpqw&random=1809020617&ipr=y&prhg=0

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/662950613/?random=1300546616&cv=11&fst=1680593923437&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fshellshock.io%2F&label=u82gCJTLqdcBENWlj7wC&hn=www.googleadservices.com&frm=0&tiba=Shell%20Shockers%20%7C%20geometry.monster&value=0&auid=2064289493.1680593923&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiTnVhdml4MXJlaU9fVENpN182dTdBMlItLUJjaEJVZUlEMHJ6SE50aGtweU00GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NqZTRGVlhVM29kSWEyQWZOamN2R0ItTUJ2QVBld2lQcWNOeWdLci0tU1J5LUZDTHlwRmZMVURy&is_vtc=1&ocp_id=A9QrZOHFIoWCmLAP7tqq6AQ&eitems=ChAI8JWvoQYQjc7oxoOq0_VJEh0A2nnackIFEKEx-1bXqv0X9jz4ruoqATLaWWRpqw&random=1809020617&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 128ms
48ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-105800112-1&cid=814442709.1680593924&jid=1244600693&_u=IADAAEAAAAAAACAAIC~&z=1064189436

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 48ms
42ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-105800112-1&cid=814442709.1680593924&jid=1244600693&_u=IADAAEAAAAAAACAAIC~&z=1064189436

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=446896919250308&ev=PageView&dl=https%3A%2F%2Fshellshock.io%2F&rl=&if=false&ts=1680593924522&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222582973591989166%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22912958489079654%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1680593924300.1949447640&it=1680593923264&coo=false&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Apr 2023 07:38:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sounds.webm Show response
shellshock.io/sound/ 2 MB
2 MB 20ms
19ms XHR
video/webm 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/sound/sounds.webm?0.45.3
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28991dcc95ca25a24db2ba9e83a04e7e23620f17c3037fa13db9976d16dfe15a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:44 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6250
etag: "6421e3c6-26db33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqr9K%2Fi5NhuvK7luDn7qz35Nbf2GWVbPYhX8%2FaIDI%2FuMwz3LvrxWVDZa5cnVpoIr%2BZph0HrARSgevP%2BAM%2FgOgDvfQsgWIzEAZ4kzPTxQhiw9vp6M1QshtnEccA74JZyW0BbHVuo3GkZGcBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4bc7f8539f1-FRA
content-length: 2546483

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=771186996377132&ev=Microdata&dl=https%3A%2F%2Fshellshock.io%2F&rl=&if=false&ts=1680593924902&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shell%20Shockers%20%7C%20geometry.monster%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.shellshock.io%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%3Awidth%22%3A%221000%22%2C%22og%3Aimage%3Aheight%22%3A%22500%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%2C%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%5D%2C%22og%3Atitle%22%3A%22Shell%20Shockers%20%7C%20by%20Blue%20Wizard%20Digital%22%2C%22og%3Adescription%22%3A%22The%20OFFICIAL%20home%20of%20Shell%20Shockers%2C%20the%20world%27s%20most%20advanced%20egg-based%20multiplayer%20shooter!%20It%27s%20like%20your%20favorite%20battlefield%20game%2C%20but...with%20eggs.%20URL%20Blocked%3F%20Try%20geometry.monster%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680593924300.1949447640&it=1680593923264&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Apr 2023 07:38:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=446896919250308&ev=Microdata&dl=https%3A%2F%2Fshellshock.io%2F&rl=&if=false&ts=1680593925024&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shell%20Shockers%20%7C%20geometry.monster%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.shellshock.io%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%3Awidth%22%3A%221000%22%2C%22og%3Aimage%3Aheight%22%3A%22500%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%2C%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%5D%2C%22og%3Atitle%22%3A%22Shell%20Shockers%20%7C%20by%20Blue%20Wizard%20Digital%22%2C%22og%3Adescription%22%3A%22The%20OFFICIAL%20home%20of%20Shell%20Shockers%2C%20the%20world%27s%20most%20advanced%20egg-based%20multiplayer%20shooter!%20It%27s%20like%20your%20favorite%20battlefield%20game%2C%20but...with%20eggs.%20URL%20Blocked%3F%20Try%20geometry.monster%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680593924300.1949447640&it=1680593923264&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Apr 2023 07:38:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 rum Show response
shellshock.io/cdn-cgi/ 0
203 B 32ms
31ms XHR
text/plain 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://shellshock.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7b27e4bfbb3f39f1-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1193205017&t=timing&_s=2&dl=https%3A%2F%2Fshellshock.io%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers%20%7C%20geometry.monster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2610&pdt=27&dns=0&rrt=237&srt=27&tcp=33&dit=644&clt=646&_gbt=1160&_u=YADAAEABAAAAACAAIC~&jid=&gjid=&cid=814442709.1680593924&tid=UA-105800112-1&_gid=176234086.1680593924&z=824265529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48813
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 egg.babylon.manifest Show response
shellshock.io/models/ 89 B
404 B 324ms
320ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/egg.babylon.manifest?1680593925535
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ee67151fb8d76e53b63fca5db9aaff0eb74034560c269123725e0160e4b023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Apr 2023 19:03:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "642b2319-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSfq7jIcIXJ9w%2B7pYJjJox822hZb5x79jWB0q9VNMTtUZRNeEN%2Fvv01mqVKdIC%2Bf1HdPIT4Ta0pJ6lr74tf2wJ4u7xTWFFZl0Nind%2Fn8yc28ulEu13s8eRcqtG3T4dCKZ6AK987%2BA03NLfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aea339f1-FRA
content-length: 89

GET
H2 200 gun_eggk47.babylon.manifest Show response
shellshock.io/models/ 89 B
413 B 334ms
329ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_eggk47.babylon.manifest?1680593925536
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c84b6ed7f29121bf3c2673c60bd88972f6e2e41efeb80a47a813bb44f89ae60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6421e3c6-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7DXUA61PGmH0pIAsvtCWtz%2Bxm%2F2uzLjDoMIuJjok%2B3J6tF4NVB5ea%2Fjs8wIFDr3qrxU%2Bs%2BOZoWKwfO5c5QHbmOxAniZYJ%2Bf%2B9w2uVaXEZrALZQrieZfPeVhb6aiTVpI9%2Fy5KbAbWxtE%2BWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aea439f1-FRA
content-length: 89

GET
H2 200 gun_csg1.babylon.manifest Show response
shellshock.io/models/ 89 B
369 B 376ms
371ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_csg1.babylon.manifest?1680593925536
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2297085689ed504d87c55db7ed4cc3f43189f3da67518519e4f8c553c2d0b7e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f6b1e7-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOyJQX%2BD9ma9ZAfQO9986esm9oQRzOqV%2BYBi0R0EykDId855EkwGgDgCfxKoOm0%2FQQpsJDLtc40W12hqhL%2F8vJOrdxQp5DhniCMCM1peAoY5YPxX4HlCloWdekjoAz3V3hoBxmlp%2BSzkrio%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aea839f1-FRA
content-length: 89

GET
H2 200 gun_cluck9mm.babylon.manifest Show response
shellshock.io/models/ 89 B
488 B 334ms
330ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_cluck9mm.babylon.manifest?1680593925536
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adadf863dbc48be3d88face5c5e49a463bab5254d4607768737caa76936dc35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Mar 2023 22:15:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64139510-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr%2FHRoYRCMV0zogqsAoIHtw5Z7ctr9%2B2ETdBLGfACuB8p%2BEqQabcTg692VH7tqAf6l2XsXdwqcoEc96woZt%2Bn3P1XTR6%2FU9HRYXi2mjkd7bfMEC9qor05WGeKzcd9GhAyjnqM8nJWtF5BCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aea939f1-FRA
content-length: 89

GET
H2 200 gun_dozenGauge.babylon.manifest Show response
shellshock.io/models/ 89 B
374 B 374ms
371ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_dozenGauge.babylon.manifest?1680593925536
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a188f2d82f7e236acc21dc4d085f2657e31cbd4f74a7c7555b029d809a8effa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6421e3c6-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMVOqKu1mw43FhdPXiI3UqqPgTa1qiFCkh35Fq53DqEkRgCYg%2B6ZyGsN7sFMlefiw8HHedUAMHx%2Bg2J1IJO2aG8WRqv2RS%2F3jh6g7MZK%2BCh4%2B8rBeeJ%2B%2FTPuJMntvNSe6se%2ForOwPmP2QbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aeab39f1-FRA
content-length: 89

GET
H2 200 gun_rpegg.babylon.manifest Show response
shellshock.io/models/ 89 B
364 B 327ms
324ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_rpegg.babylon.manifest?1680593925537
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1626b155e582813f14d29cc99c252b15c887e1a4998d24df4cb4115f8f2cfa41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f6b1e7-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJkyGQW1TMYh3bK8p2DkFyCd8W3W1Tum6wt1Wc7GPFnW8iSwzmmNyRq5j1KHhscpUtlf9B7tWg3XouY2tPcrOaInx73iVt8THY5THEEW58hJtKfHP4Q%2BQx9aCEHrjfWMykhN5wbIEhbFBmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aeac39f1-FRA
content-length: 89

GET
H2 200 gun_smg.babylon.manifest Show response
shellshock.io/models/ 89 B
424 B 337ms
333ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_smg.babylon.manifest?1680593925537
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 816266da52081c578190462a0f47ac6590fb5703ccf0b0a3e94f99d280e17e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Mar 2023 18:14:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6410b980-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PXbSBQ23JEhors5HSdulSwFKZDss4rIDg6n8CUPaIrpvxTsP%2BGvKxXIhwLOIFJ6xaklMRfr%2FiEFzz0b9VsLKw2t5KjDd8eyD4EOh7eYV6z4GZ2MyAkgb5kuG5H7zhDetCNDnHws9R3fPig%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aeaf39f1-FRA
content-length: 89

GET
H2 200 gun_m24.babylon.manifest Show response
shellshock.io/models/ 89 B
405 B 325ms
322ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_m24.babylon.manifest?1680593925537
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7a3185964233a0e1e68612cc1cc306041f8bb1300b4eaf74905e0be36daa40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Fri, 24 Feb 2023 23:59:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f94f4c-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyckSQHqPqD9%2Fpq42aQcKirwBfQ4a02Lyn7LiL7MYOmPiHpdEV0TI4cBxTOI7KpE8lthobqaVjEmjYpbzOjIgP1ScTN%2B4lEY0Nos09pCiTEXxHNK8X8ajnY1B474pxDJDlIW%2BNd%2BS%2BuCv6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aeb139f1-FRA
content-length: 89

GET
H2 200 gun_aug.babylon.manifest Show response
shellshock.io/models/ 89 B
407 B 367ms
364ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_aug.babylon.manifest?1680593925537
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d3679dbe3b988e5bcf3f96368c199d50c2af9b0269956f50efe12c4a2c3a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f6b1e7-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUrKaMpPBJaLKIZlvoZO9d9FtwBj%2FXV%2B8bhbOfr4XMpPTrBuHZqmpFiFgfTupEXcKZw4%2FvINPIsSb8mF3uhP3O7kyZEPA78FhcUYYiUSPoBuJWfOafSOndjCa08JnJCUeDxTvIEVRm6a86A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aeb339f1-FRA
content-length: 89

GET
H2 200 munitions.babylon.manifest Show response
shellshock.io/models/ 89 B
427 B 131ms
128ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/munitions.babylon.manifest?1680593925537
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0df9c65c036f8e23b0e7997a449d11d16d51888359793fb92a1e057d51771c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f6b1e7-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bQNq1a81ujOW5kquEzemFl8dK2bjMLH0ez5t1omkau2uMb0yU2hfjYYx0rQfuRZcfIPeU0FYauWJH2%2FdxXtMRDDgt62IeTqGwzJXdOSxWKNiaixE4BTQ0p1kC8NIPkAfQX0sCy915rsSBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2aeb439f1-FRA
content-length: 89

GET
H2 200 muzzleFlash.babylon.manifest Show response
shellshock.io/models/ 80 B
397 B 151ms
149ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/muzzleFlash.babylon.manifest?1680593925537
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90792953bb57a85dfaaa6f6f736b3a111d03288d5928f77a546264258d02a0f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Feb 2023 00:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63ed7cf1-50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAVeuyEexrT9O9wpCSX4fs%2B971OFgI%2FsJVPU3NbdLKrgSlcspaXANEtK8faXY82nvdmd1W4pVpcvLQPzG%2BDR8203e8h0rJ%2BMUqaNXAgnJsOxpP3l0KGIfvaPqbuFLRtHnmSpVQF8Kf7T4OY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2bec539f1-FRA
content-length: 80

GET
H2 200 items.babylon.manifest Show response
shellshock.io/models/ 89 B
404 B 386ms
383ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/items.babylon.manifest?1680593925538
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd174f1c6dd7184fbd801146d2b8d082905bcd936b48a6b82a3089e341092179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Feb 2023 00:46:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63ed7cf0-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpusv5lWpaPvCldCoHHy%2FJ3ahdBH1cKVx4uAYSeGi8yNoMytZyZffChGq5%2Fm3rpY%2FquswVhIs2qRwTlkDQTWz8gtAIh49nMgra4Tl6TVKcUXi8FV9PY0SPgte%2Fkw8jZCEvKRCJsi7ELzUTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2bec739f1-FRA
content-length: 89

GET
H2 200 reticle.babylon.manifest Show response
shellshock.io/models/ 80 B
400 B 378ms
375ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/reticle.babylon.manifest?1680593925538
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90792953bb57a85dfaaa6f6f736b3a111d03288d5928f77a546264258d02a0f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Feb 2023 00:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63ed7cf1-50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7Nizhp8%2FjwtqoUwqXTwEVCgSQ%2FhGK8eQGaoTezAUa1rQDo4Ld6GxfiY6N%2FeSf%2BG9e3DdNg98kApZ1YKrBYcvN9Un67Yb7nVGekgOSMmF1gTz7DJ%2FBhwehZ8DSrT%2BctVYGjDRIH3ednbjRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2bec939f1-FRA
content-length: 80

GET
H2 200 melee.babylon.manifest Show response
shellshock.io/models/ 93 B
456 B 353ms
351ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/melee.babylon.manifest?1680593925538
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e57842129693ef305179c4878b75f61addb7f5f38fdaec61bca28d7fa1a9057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:45 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Mar 2023 19:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6410c9f3-5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmFo0i6EF%2F3JZuNoyoOUWRaRessqicy%2F%2Bn7aDzHDWiPEBt75SXmvbrEoG5xXPQAjBwr0O6whBBHpGe5WV9gC5I6W7Uw%2Fhyy92B0A5s7zQJwI8M%2Fh%2B%2BO%2FNFuLvEFhUgvosh%2Ff%2BEO7d%2B16FrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4c2beca39f1-FRA
content-length: 93

GET
H2 200 munitions.babylon Show response
shellshock.io/models/ 2 MB
421 KB 596ms
595ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/munitions.babylon?1680593925674
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21342b4ec946343a72b5ff3456369f2846966da8c400c3aaa2d9cc79ebe63e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f6b1e7-23cf85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IKHkuHXEYXpIbkGwJba0Mfu1BocYebxlrI2i%2B8F%2FOpJjZvdiZrBC%2Fm%2BPQfzh4F8ix4Ui1OdTRsh8t9VzuLGM7Cvz1UOBBFsabPCKv6L4pwJ0UFxKF%2B1hhqghT63Oq7nlPJWERFHg69Mz8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c37f9239f1-FRA

GET
H2 200 muzzleFlash.babylon Show response
shellshock.io/models/ 3 KB
1 KB 366ms
365ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/muzzleFlash.babylon?1680593925691
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6982f7c46f20c0ffc1974c08d6804c4425f93002f4aae3f5efc069dbbcbc688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Feb 2023 00:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ed7cf1-a0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfu8AfaAJ0tLRDr9yRY2Q4P8adT12gCrEaxHO4qa1O5%2Bik4Grcmm27UISWOciuNfma0fvmuyy%2FxdMUYh%2F4yqUO32RBdGQifpE2h%2FK1RLvVibFLFtbvZUo0k9YgfUT2WflKKPX8A%2B2%2F75i9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c39fa839f1-FRA

GET
H2 200 egg.babylon
shellshock.io/models/ 12 MB
2 MB 532ms
532ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/egg.babylon?1680593925862
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 29 Mar 2023 18:42:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6424869b-c1fb6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKeWD0L0WNF78TXLQPWO41twWl7gkX4X1%2B3bHyVZGy%2FRY989jxsvNp0srXglHseUhP6ovRzTOm98zn8LjSu59sX%2FqdZM9KINT6RQfUELPHTkGYX44k5dw9wxbViUxcGlwzgkhNt%2FS6b9pGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4a8f439f1-FRA

GET
H2 200 gun_m24.babylon Show response
shellshock.io/models/ 6 MB
951 KB 298ms
298ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_m24.babylon?1680593925867
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c0aef02b0cbd10e7e5c83192e8760b43714dcd85ead1d38044abcc2c5f58bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 Feb 2023 23:59:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f94f4c-661c96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T46MQxxq70sPXiNsDoUnBSPz52aB8qyDyRA0IMNdNOGDSqjad8hfOk3zQNSFCBe3CZJu1YX9GxTLHZt28vSt3GcphNsedT3FZixeV85VjdZUMccUQYD8ajv31nEJ5i%2FUKQ3LkyFbkCCGnsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4b90239f1-FRA

GET
H2 200 gun_rpegg.babylon Show response
shellshock.io/models/ 6 MB
952 KB 352ms
352ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_rpegg.babylon?1680593925868
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9d23d2e1b821d93a251568000e5ff4223d39fdd60bcb49fbdb86fa44110436e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f6b1e7-637033"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCJKP4mGyIJ5eC0GCdhcdyggJwVQ%2Bg9bnH4w%2FZnJGyoAo0yLp9H8rjjl9tGiDSj6%2BhobB4%2F40lhKiN1qU9YGtLNOeyYnmR09nghm50G2AHGppjwVgrOxlwWU%2BgQo1ERsKbBe09bBNwflBd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4b90839f1-FRA

GET
H2 200 gun_eggk47.babylon Show response
shellshock.io/models/ 6 MB
969 KB 601ms
601ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_eggk47.babylon?1680593925880
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815ef44d3a4af26de206885362b00e518b0ac6b61f9ef24156a70adf1a93e5f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6421e3c6-6455d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvKOUHq%2BDI%2F7Zgy3ZetDfAeQct5%2BQYmhUD5kFeIhFu%2BOaQTzNp6xQz3XcPMF4I40reGldHQx08kNlbEjV%2B2S5zxUQRAVDKS50YMgt9r5gwrjfSllbNBiDqs9PHt912b5OO%2Bmpxi1KPMqbmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4c92139f1-FRA

GET
H2 200 gun_cluck9mm.babylon Show response
shellshock.io/models/ 6 MB
899 KB 542ms
542ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_cluck9mm.babylon?1680593925882
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486e11fa6eca912d46f309fb4009cc83b0c9b59f142969a384e21cc6ba497914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Mar 2023 22:15:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64139510-5c9c12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPG%2Fa%2BYTttphikVR1Dl%2BYFUkFl%2BwfTMyTppqRNikrwOYwt2zWp%2F9sIFl4G5DF%2BFsPlL1RYmY%2BpC%2FDjqyOURq3DW1yeFZ%2FTrVZD0swX%2BdkA5hSk6gNxI5ugMQzl5vQletjQ%2F3bojyVw3MR4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4c92539f1-FRA

GET
H2 200 gun_smg.babylon Show response
shellshock.io/models/ 7 MB
951 KB 305ms
304ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_smg.babylon?1680593925883
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b9a3ac41ec7038596665d92c272d161e015890426218d30a70764f27e84a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Mar 2023 18:14:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6410b980-6ab666"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io%2BaG3MesskQqYCvD9KtcvzPU8JuWDtEzjfaFxsmerF%2B03K2rG8bFwOF7WSSVW5%2ByY32bTe2iaqufNY7GFCZSeTADdhZhxr8HJ339oWxhEmuJljzz6Yuw8eSr3DkPKBLCdyI8khPY66C2mo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4c92839f1-FRA

GET
H2 200 melee.babylon Show response
shellshock.io/models/ 931 KB
159 KB 525ms
525ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/melee.babylon?1680593925894
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03497ab9ccdd81469a9f0fe21978c87043494dd63b2cc19e492fb697c10ec458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Mar 2023 19:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6410c9f3-e8acc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=purOnslc0QODpHYrl7kth3ogu8UZNRaN%2F9bbyeu514%2F2u4sHyeBb5SUEFR8ggzKa%2Fp7x0xJFQsaTaeaevABstw%2FaznvXFqO1m3p5DSLaj32f68uQPifw7Xw4E2y%2FSRK9vheCkGGsaER%2FmxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4d93a39f1-FRA

GET
H2 200 gun_aug.babylon Show response
shellshock.io/models/ 6 MB
912 KB 598ms
597ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_aug.babylon?1680593925906
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a6898718df1f07d559c58a526ef8fd98d133158b481250796ba02506ece2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f6b1e7-6370e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxoC4X0rI3A516%2BDBrMOuYVx7E34crAVuQ7wGpOVc13iHccAkU18uo0mp3xanFaNzNV%2BZgd4Plmbyuwg6KaglcIcH21J1dKIZd1mQgvm5Gh56p4fN%2BJqZeq5ANOaNbmaA%2B%2FhYDD6eyffbK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4e96539f1-FRA

GET
H2 200 gun_dozenGauge.babylon
shellshock.io/models/ 9 MB
1 MB 299ms
299ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_dozenGauge.babylon?1680593925914
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6421e3c6-8f6316"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQf3mR%2BbjCF60tDBhPkMBmad0QMSJd1i64ip0HP7i%2FYfCYGAnW2S1JRrmtReo%2FdGn5iSR7E4dx11r7d4PpCctxF68NHF1bI1XnKbwPdlw2WDs%2FKgpJUN7QQ0pUbKP%2FTC2xwlCJSMNPKqSGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4f97139f1-FRA

GET
H2 200 gun_csg1.babylon Show response
shellshock.io/models/ 6 MB
958 KB 323ms
322ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_csg1.babylon?1680593925916
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a703d3fc16d82becdd6ae53999d759d2c24fa184db4a66a0b8abea4403264f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 00:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f6b1e7-61b238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzQOPNUvMZQq91UlBVfErzFTb51ndb9ZO7v4qUJmjMveaoieprRhKB6JnhtRFxCvtORIPLFmTPQk3ybFzpT%2FUOx4D1ye2inEQBj4jSS5K7P4YZAj%2F8jGl1dgUMX3S1rUoQb1GQ66yOriJu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c4f97339f1-FRA

GET
H2 200 reticle.babylon Show response
shellshock.io/models/ 1 KB
832 B 362ms
361ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/reticle.babylon?1680593925919
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657433b9a2988a392e27e63616b2ef926c89b3ebd9e876da41a61cfe66e0cf21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Feb 2023 00:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ed7cf1-451"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVZl7Ww6C1rLPGz5FsQ20JnIIagQ%2FEl1xzhIiOLd9%2BOe6vkRoHOo0PpR2tmasoXVW%2FbStkCNzs0rx1A6TMILa6em%2BMXQF%2Bn9snWc%2FoCeBDocwww2uUTGyJBe9FvXM6KEGOnjlFVkJ%2FkwuXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c5097839f1-FRA

GET
H2 200 items.babylon Show response
shellshock.io/models/ 36 KB
6 KB 366ms
366ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/items.babylon?1680593925926
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f495d17d49dc491536a33fbb667060e573da39954a52eab110e43348e254e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Feb 2023 00:46:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ed7cf0-8f25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFNPL3SIfH4ZZ8gwnYATHpDX%2BW6802F2dAEWJPTH4lsz5WQah1ZD3uXvSkMB%2BPjaL%2FdpdV69Z%2FrXoYgfcRpq4wOHhGtVvkkJUEozGe8VdGEjDF4Hx0sCLTNDODOzXONTsvUM2TgpWbIOxS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4c5098239f1-FRA

GET
H2 200 ads.txt Show response
shellshock.io/ 48 KB
10 KB 20ms
20ms XHR
text/plain 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/ads.txt
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09adaba0ad5589d22612de086772c09efe9004153fb53703eeb3a4c6a97c5b08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1349
etag: W/"6421e3c6-bebd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n6fqdXBzEADM4AsiuORW%2BoIjKjWdazXXmRpIymv3SHo2RBx9pNEGa4ZH5DjNkjfMTMtulUEA0LAYnbiVodERWzfZznrMAlU0nG0RVR%2Fjrg7A%2BFxR1VHwzGKMc0BNInCzI1BUaxJ7epuM7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cache-control: max-age=14400
cf-ray: 7b27e4d25f7c39f1-FRA

POST collect
stats.adinplay.com/ 0
0

OPTIONS
H/1.1 502
Bad Gateway collect
stats.adinplay.com/ Frame 0
0 54ms
14ms Preflight
text/html 93.119.15.97
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.adinplay.com/collect
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.119.15.97 Leiden, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 93-119-15-97.colo.transip.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shellshock.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 568
Content-Type: text/html
Date: Tue, 04 Apr 2023 07:38:48 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 map.babylon.manifest Show response
shellshock.io/models/ 93 B
410 B 376ms
375ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/map.babylon.manifest?1680593929351
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456b5d8084fd94245af134f227f296a9c2fc30d861a004091be4ea360bec241f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:49 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6421e3c6-5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uef8FIdSEmP15oIFPvHKI2F96kaN9tO7mt0el651mV%2FCEDsv1DPNSAxLEi9V9i%2FcEjxWzsRJV294o2oA16z1OYb2d2KcFLnmdIKaXpciKiGiK4wglHd7Gv1J91q2bKYyn5qDFlUjtlJ1sGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4da78e139f1-FRA
content-length: 93

GET
H2 200 map.babylon
shellshock.io/models/ 10 MB
2 MB 315ms
315ms XHR
application/babylon 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/map.babylon?1680593929730
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:50 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6421e3c6-a76824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm8pYRBPb67AvvXMOMBvtQKxihdIIsLo3fDoEDweJkCrb8F6Mggf8YFQDoqnzVi6WVXlfIE2ohITlBQMPt%2B5fHXjnbGRlcRoW4tNSCm%2B%2B1FTEHurXzIMTTy03qJYc8PTogEWyjlunh%2B3c%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/babylon
cache-control: max-age=14400
cf-ray: 7b27e4dcdb5639f1-FRA

GET
H2 200 twitchStreams.json Show response
shellshock.io/data/ 126 B
453 B 148ms
146ms XHR
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/data/twitchStreams.json?1680593930967
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 756f24ec1b1b699a93cbff59173224ec88dfa8834c10b5908d853198c210cff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 07:37:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642bd3d5-7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByCsNgTjCx21X3RcWTyr53POcmbfSPZpUXdSYYO1HE1xvymWq8PfJNx1rpQZtnFbpg542Kxoxuote8a4lQlHwe2tmufDoWYcaA3dfBFR%2FIuQZZMCCitTAg%2F6Vowy5JNs0drm0%2FWxqVCHLmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b27e4e49bed39f1-FRA

GET
H2 200 housePromo.json Show response
shellshock.io/data/ 24 KB
5 KB 371ms
370ms XHR
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/data/housePromo.json?1680593930967
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4e7148c2d7dfb59365594882aabc9ea3addf36f07c7bf870f5e2552cb2f6118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 03 Apr 2023 22:01:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642b4cbc-5f30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVtdgMRJIUjqPyxtuNwPMDNpcX%2FHYx3yS4sNbZo9T8pYpFZqQ7rViAXxNIbtw1Q14y%2F%2BnEH65F78MFHjOLXjRTOWtnTOvFraZdFgG5kAHdHgdtWCOwnyB8PzbY9HThF4zTVpiQVqMkZ3Fr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b27e4e49bf039f1-FRA

GET
H2 200 shellNews.json Show response
shellshock.io/data/ 2 KB
1 KB 322ms
321ms XHR
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/data/shellNews.json?1680593930967
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f8ea63094c9a05f1507bc92e0b2ec74757823e87225a68db65b69c0861e173c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 03 Apr 2023 22:00:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642b4c8a-77b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6z3hTy5cBCg8DQvPJbWXo9Ppq5VY0PGzgQxDfYOmRCGohHHmaH1fBoogYi58oMK64CcL2xthBh0XyO2OmzoTxCLIVRUjomrA%2Fzc1lLGIFemtHWKQBtM%2FVy7s41l4tQ%2FBNZPYC834n3HZyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b27e4e49bf139f1-FRA

GET
H2 200 shellYouTube.json Show response
shellshock.io/data/ 54 KB
10 KB 416ms
415ms XHR
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/data/shellYouTube.json?1680593930967
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e31c0a95dbf796aa9c192f057f329e27788102a6a408120b3b9d7d416e64203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 29 Mar 2023 18:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642486b7-d9fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUV9YG5fJ6Tr4tDBR7rzE%2FiBIPfmKPHO5UdmXYI%2F7Y7EDGiFSCn0d%2BVh3dLtWYUEkdh%2BMfO5%2Bu0%2FoXUPNMVTxzM6eOGFjQb2Gnhgj%2FztBFKXQWZiFxSI4zyEd5aNg880FxTfJJ5eIluUofo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b27e4e49bf339f1-FRA

GET
H2 200 stamps.png
shellshock.io/img/ 4 MB
4 MB 24ms
23ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/stamps.png?v=0.45.3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907bf3d289d6fd66e4a8a6db2a5525db13a9a0d2afd8f8c9509cad67afa93258

Request headers

Referer: https://shellshock.io/
Origin: https://shellshock.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 18:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2324
etag: "6421e3c6-440af1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrXl1n%2FaSiLaPluN7RM0Ymzu2uSkqEhqAxjDKDkKwtrnqX1EhS7Xj6s8eIqQDdxcNP4GvKM%2B%2FPvvq57DnZz5M3cZRCfahbyqdBJdLTiBamlbRA6JsnHRjFZxArMY4f69H%2B%2BnfGUG9zRHw%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e54cb239f1-FRA
content-length: 4459249

GET
H2 200 vip-club-popup-item-1-month-membership-bg.png
shellshock.io/img/vip-club/ 2 KB
2 KB 20ms
19ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-popup-item-1-month-membership-bg.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3535717ee13d738e711ced7574cacdf33baa4892fa8d3dc5315f5c11fc28fade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6307
etag: "63ed7ced-650"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9u1K57sI5VCU4pxdV8VCrGJoQDYIMTrDg69PSyqam5Q5909DxseyL1FMMkvoCR5PwfySLOsnmYVnCS0lbOL1VTSbdwzfzxsAO9t4ZH7ZHL2P7bZ9XRSAg8pEXAcrEcRqhnf79kPP6oYsb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e54cb439f1-FRA
content-length: 1616

GET
H2 200 vip-club-popup-item-3-month-membership-bg.png
shellshock.io/img/vip-club/ 2 KB
2 KB 21ms
20ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-popup-item-3-month-membership-bg.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 791e5bfbc0398a556771d5d92961a9d16ee83762faf665a04acf6a37d422aa7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6306
etag: "63ed7ced-644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo5xCcUUwYeRDk4hVzP74setVny%2BQUD1Kbhys5uZV8FYf73fYWS2WCI6my9HWzm65Vjpr0L%2BVIW1QgUsaQoJHAY%2BMAfXPXQB8Zo3IviJi2XpiAI90YywrzReAuTDZkToHn5KDuyVJbaPpbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e54cb539f1-FRA
content-length: 1604

GET
H2 200 vip-club-popup-item-12-month-membership-bg.png
shellshock.io/img/vip-club/ 2 KB
2 KB 34ms
34ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-popup-item-12-month-membership-bg.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7b1e75a898f2a070072d0da5c7fe4b1644708d81ffee669f95eb4a30c5b74db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6306
etag: "63ed7ced-684"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xjjko%2FH5z8fFPF1DNtlkJu2BYuZRnMgfKy3LmY%2F13ijhbLfRqL6thiIgmG2qasvT%2FZMfaWLBf5j9EtHhyZEwkpI%2FRQsmnWH%2BKhVcYM4BNpdsLh%2B8%2BhUYDPgnnmCqwmkV%2FpWyQ5LoZsojIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e54cb839f1-FRA
content-length: 1668

GET
H2 200 885113289.png
shellshock.io/data/img/twitchAvatars/ 136 KB
136 KB 21ms
20ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/twitchAvatars/885113289.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493dd214870b2cd65e4e9c36524fb469f675327287c93d80ad5b393df930dbb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 06:21:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3547
etag: "642bc1f8-21f70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjR29%2Bv7J1DiJGplclSGqebywWnvkv2HWA8tQN2LD56qraO45m8O82z96mryll6UKxtAEsBjRCqZLp2fWlOQgAkUmMJ5b58TtHRnzXoLTd08ih5Um3IXoUQWStVP47ndDQ9x5w8I3N8aAAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e60d9a39f1-FRA
content-length: 139120

GET
H2 200 883713463.png
shellshock.io/data/img/twitchAvatars/ 15 KB
15 KB 22ms
21ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/twitchAvatars/883713463.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8192261e3ce9c755d462eeafcb3fcd580b04653d7a8e90dda80bd4b420c64f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 07:31:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 352
etag: "642bd26c-3b88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBd2YZjyJQqwQCb9qLnXN6HwS6ebJL1HOC7jM4QpKGMtQTLZK3J84oDqr7mZKmJDnfWbruKxZSObBGQoDmNo3X0oQWxvKf0TEb9tPFUWZVBxcL2ItVfu8Xw3B%2FPTvMdmhc8585gmvmOt5fQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e60d9b39f1-FRA
content-length: 15240

GET
H2 200 news_lg1dkxtw0.png
shellshock.io/data/img/newsItems/ 17 KB
17 KB 25ms
25ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/newsItems/news_lg1dkxtw0.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0ce79bddd40e39c49bd609522f3788dac96be0b1a40279a6f573d0f6f53ed88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2023 22:00:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 511
etag: "642b4c8a-42c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfkPGOPTMxjfLNg7CSjPIKholpDjIRkEMGNCPYCxQO8Ip8O%2BLhENk08GEQX62lOZIv3rFu4tsva5w1ek9XOKOW4nUIG9nTgDVmAjBTNBDN5rzFnBGOqS6UJlk9bDuFT4Ugv9H15NCWbZw4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e6ee6839f1-FRA
content-length: 17097

GET
H2 200 news_lb5rjy2h3.png
shellshock.io/data/img/newsItems/ 48 KB
49 KB 22ms
20ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/newsItems/news_lb5rjy2h3.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78667f6ff77d4290e9e91ec8b5c2314fd21b501ce00a75f8442a18bbca8ac515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 02:23:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 511
etag: "63d87b90-c1cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hgxiJsGDWP3jq%2FJDdSnq4AdpjlfbnUK%2BnxlBpyJTwNgMRdkUlhyCc8gOe8ArCMF7YxBAnAjYur3V5c1DIZ0iUhB2w4SynlY7PT3k4SIhTpgo4CeuUujKxVBJ%2B8dYzlZuzJudMFhG4VYvgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e6ee7839f1-FRA
content-length: 49612

GET
H2 200 news_lbpnmqjk4.png
shellshock.io/data/img/newsItems/ 44 KB
44 KB 34ms
33ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/newsItems/news_lbpnmqjk4.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff95c101ee772d9d4f4303430be064f655d83009bc048fea8bcb89833db810fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 02:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 511
etag: "63d87b91-ae27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDmR2NNqt1aSUOq0onHKS6aCWvFsUlmopPl1986kbkGq4t4%2ByNQscM7H5N9jvgv6j7AJS0PTF6%2B%2FoqK%2FEGDd0HgLgDpZjaAzFcxSN9j7OgOUgU7bSPED06EdtJaPFOa%2FkOFdch3nW3N9ZNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e6fe7939f1-FRA
content-length: 44583

GET
H2 200 news_ksovpe1g6.png
shellshock.io/data/img/newsItems/ 475 KB
476 KB 25ms
23ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/newsItems/news_ksovpe1g6.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e7a0b2e1b714a5ea07baf16f2965c357c9ee8831a4e1a37f4bf10c3c614f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 02:23:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 511
etag: "63d87b90-76b2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXJ6QOyqF0Qz13qinMb8D41jTQ2CoYhxcS%2B4F6qVasc6ktcDkFUpWMDMPnPv2kg5sg0eAkoSRHQk4%2BLd%2Bd2RnAm5uiHByY3heOD64pP%2FunQJpTN5pYBWebOn6bEnwnDeHxUx1NKgF%2B0Q8bI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e6fe7b39f1-FRA
content-length: 486190

GET
H2 200 news_ksovtf0q9.png
shellshock.io/data/img/newsItems/ 31 KB
31 KB 38ms
37ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/newsItems/news_ksovtf0q9.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdb5175c24a9f831d4923349ce1251526635318423b9614fb8043feb328d99b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 02:23:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3881
etag: "63d87b90-7ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFmIpr9%2BGuSsvloLq7l30Sg3EPoTtKTU3MxoekuA8RBwZXvXs66q8rWyO%2BCAMSyIzZHxpy9k%2BRILolkn9%2FUTPMXR5Cs88Ni6O6%2FOYmyd6NKmxlEL64%2FoIu5jdtDXb5BRyI3Iu95W4l0IlP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4e6fe7c39f1-FRA
content-length: 31446

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/b2DRnfgg-yQ/ 21 KB
21 KB 133ms
36ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/b2DRnfgg-yQ/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2fc222d34e4ae202731449153fef4abe95d98e56f2e24349fc47f07c9d16bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:21:11 GMT
x-content-type-options: nosniff
age: 1060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20998
x-xss-protection: 0
server: sffe
etag: "1679749730"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:21:11 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/o8cXLK2h_ik/ 32 KB
32 KB 223ms
126ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/o8cXLK2h_ik/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685d6726f42019df2b04e9c0cec4065f2ab73ec46c9525bab29e59b1b7b07a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:59:23 GMT
x-content-type-options: nosniff
age: 2368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32390
x-xss-protection: 0
server: sffe
etag: "1679006617"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:59:23 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/B93BiAOZXU8/ 44 KB
45 KB 208ms
112ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/B93BiAOZXU8/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec6a66cb184bf80e384739b8e5840022c7181c168bb52b119576510de1e511f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:57:09 GMT
x-content-type-options: nosniff
age: 2502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45451
x-xss-protection: 0
server: sffe
etag: "1678395994"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:57:09 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/uOMlEFVgfU4/ 32 KB
32 KB 164ms
68ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uOMlEFVgfU4/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4b753abd6e69de9bda9e29d5230d879d6b3ecebdf46555257a996dc7375a968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:03:00 GMT
x-content-type-options: nosniff
age: 2151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32459
x-xss-protection: 0
server: sffe
etag: "1678573915"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:03:00 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/djnGK-oyM5M/ 31 KB
31 KB 188ms
92ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/djnGK-oyM5M/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df7d6f730a27d5c1aabd6f965fb3bfef8766a5c8d6dec46b88aa6c8b9633ea92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:41:47 GMT
x-content-type-options: nosniff
age: 3424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31848
x-xss-protection: 0
server: sffe
etag: "1678594858"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:41:47 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/IoeCW2ffLEU/ 26 KB
26 KB 239ms
143ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/IoeCW2ffLEU/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8261173247fa7665b489d5ef6bc046cdacda791190d1726ea1bdd07ab5a7bf7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26466
x-xss-protection: 0
server: sffe
etag: "1678324837"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:38:51 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/rDDNorr7KNw/ 25 KB
25 KB 111ms
102ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/rDDNorr7KNw/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52b0bf8c420dab9a1e8c7830ed45315555ae562e5858fb6c4bdcca37a41313d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:15:25 GMT
x-content-type-options: nosniff
age: 1406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25506
x-xss-protection: 0
server: sffe
etag: "1678014351"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:15:25 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/oA_XADshpiQ/ 32 KB
32 KB 98ms
89ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/oA_XADshpiQ/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f29d514beb07890b19ecd5af3e56fb3aa36508047e83df5397cde2e6f6ead2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:57:20 GMT
x-content-type-options: nosniff
age: 2491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32289
x-xss-protection: 0
server: sffe
etag: "1677900661"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:57:20 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/5xF4dO2EV20/ 34 KB
34 KB 106ms
97ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/5xF4dO2EV20/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf64ef0890a56de667d6c81bfc3a27037cc19498b43653224f23d5f2907b0cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:07:47 GMT
x-content-type-options: nosniff
age: 5464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35187
x-xss-protection: 0
server: sffe
etag: "1677592673"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:07:47 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/5f_hrzndYCA/ 38 KB
38 KB 101ms
92ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/5f_hrzndYCA/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

512e367ce935ab13e1ad3c858fa660f3d3c344395cce03baa68248914c4f92d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:19:18 GMT
x-content-type-options: nosniff
age: 1173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38984
x-xss-protection: 0
server: sffe
etag: "1677765100"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:19:18 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/35zkrBBU7Ek/ 39 KB
39 KB 80ms
72ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/35zkrBBU7Ek/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a07bc65e91575c5571f6772c9c4e08b73734eae7e1c3bda7e46cf5624866c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 05:40:14 GMT
x-content-type-options: nosniff
age: 7117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39799
x-xss-protection: 0
server: sffe
etag: "1677667591"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 07:40:14 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/1N0bDPcI9DM/ 33 KB
33 KB 87ms
79ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1N0bDPcI9DM/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9b40905a40871115de92e84f05c60bb4577638e04f51b5936baa24b455bb348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:23:58 GMT
x-content-type-options: nosniff
age: 893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34021
x-xss-protection: 0
server: sffe
etag: "1677167776"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:23:58 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/sAbkBcu_fak/ 33 KB
33 KB 122ms
114ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/sAbkBcu_fak/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c01f5ca9348a1cd57c84817a726213023fd7f3f4b971a88dd2f21a5e070148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:03:00 GMT
x-content-type-options: nosniff
age: 2151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33290
x-xss-protection: 0
server: sffe
etag: "1677108697"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:03:00 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/IJv3I069c9g/ 55 KB
55 KB 134ms
126ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/IJv3I069c9g/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8fb69fea843974d057a4975364bafa55981c4611f179ae56db06f5801c73a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:06:53 GMT
x-content-type-options: nosniff
age: 1918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56002
x-xss-protection: 0
server: sffe
etag: "1676495482"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:06:53 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/HM_qpP23wg8/ 24 KB
24 KB 130ms
121ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/HM_qpP23wg8/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70edaaad87af534749bbad9a18b2a1acf0d851174dde1116bf91945aa5b34cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:19:18 GMT
x-content-type-options: nosniff
age: 1173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24775
x-xss-protection: 0
server: sffe
etag: "1676359926"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:19:18 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/IUpnAjBR158/ 44 KB
44 KB 132ms
123ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/IUpnAjBR158/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d033848687f1a92557e6bbecc498d8dc4a101a845b7a81cd229e731147062d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:15:25 GMT
x-content-type-options: nosniff
age: 1406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45079
x-xss-protection: 0
server: sffe
etag: "1675984507"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:15:25 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/te9pU2wjOFY/ 36 KB
36 KB 140ms
132ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/te9pU2wjOFY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b65625b00d7825013feffc3f084321f85490a967b11a442d79d0ce44026c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36632
x-xss-protection: 0
server: sffe
etag: "1675776429"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:38:51 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/3LN9tIfYLXA/ 22 KB
22 KB 127ms
118ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/3LN9tIfYLXA/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3148f2405f845af8a474a223c7933af83728f51bd8738da6512435c714b7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:03:58 GMT
x-content-type-options: nosniff
age: 5693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22833
x-xss-protection: 0
server: sffe
etag: "1675723326"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:03:58 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/jk46xb5w45M/ 18 KB
18 KB 117ms
109ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jk46xb5w45M/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b43b80adaf1881a16d8e6e70663206b8c92d43fa3d7fe068a2ad0eb54bca9377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:01:28 GMT
x-content-type-options: nosniff
age: 5843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18513
x-xss-protection: 0
server: sffe
etag: "1675632066"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:01:28 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/iW-E4TAGDjY/ 20 KB
21 KB 118ms
110ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iW-E4TAGDjY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425296f280eb7021f265a738deb14065d81f62c39c6021e688045b64e2c81647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:15:25 GMT
x-content-type-options: nosniff
age: 1406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20920
x-xss-protection: 0
server: sffe
etag: "1674973566"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:15:25 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/NHnaZqZiMkU/ 32 KB
32 KB 124ms
116ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NHnaZqZiMkU/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e92dbf33f873591778e56f66f81c66a54a25beb57e0467f37409874d7df7619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:05:53 GMT
x-content-type-options: nosniff
age: 1978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32996
x-xss-protection: 0
server: sffe
etag: "1672869573"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:05:53 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Oooh0RzrEF4/ 30 KB
30 KB 168ms
160ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Oooh0RzrEF4/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f84be775455787868ad4a43a45968fd26568cfec504c2df05f32ea23e839296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31087
x-xss-protection: 0
server: sffe
etag: "1674863159"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:38:51 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/JZbpg_Jk344/ 26 KB
26 KB 170ms
162ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/JZbpg_Jk344/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f596af7b59d0f66f61e6be62bead77952224b2f7fff2aa95c6a3dc5c1f24d9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26135
x-xss-protection: 0
server: sffe
etag: "1674912641"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:38:51 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/J5m7jwcmTIk/ 24 KB
24 KB 146ms
137ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/J5m7jwcmTIk/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e07cb29491f5b56a0d3700dd36d934fd4b304dde5f6df8020986500c0af0f72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:05:53 GMT
x-content-type-options: nosniff
age: 1978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24813
x-xss-protection: 0
server: sffe
etag: "1674824051"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:05:53 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/QblW0TrNMY8/ 29 KB
30 KB 150ms
142ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/QblW0TrNMY8/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57653de2a21c3adb1ed4e08683a0b3fa4505b634006dddfa11afe74182e36fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:50:50 GMT
x-content-type-options: nosniff
age: 2881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30204
x-xss-protection: 0
server: sffe
etag: "1674335571"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:50:50 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/rR92moH9RjY/ 26 KB
26 KB 163ms
154ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/rR92moH9RjY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1780a1811dd490a4437e6cfa3a4c00bf49c789b764293aeb8aa57007e3ad8339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:15:25 GMT
x-content-type-options: nosniff
age: 1406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26739
x-xss-protection: 0
server: sffe
etag: "1674387667"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:15:25 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/lcY9m7dS3Cg/ 32 KB
32 KB 161ms
153ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/lcY9m7dS3Cg/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a3ef68b510703213e66c456683412012b7b1c57e73ecaa102545f3b2c3a9ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:07:25 GMT
x-content-type-options: nosniff
age: 1886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32495
x-xss-protection: 0
server: sffe
etag: "1673930350"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:07:25 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/aw-2HQQh47A/ 24 KB
24 KB 147ms
138ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/aw-2HQQh47A/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93651ce10e5f07070ad1e0951655c9d6a6a67a1c0ef1837b047250eba0caa2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:47:30 GMT
x-content-type-options: nosniff
age: 3081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24409
x-xss-protection: 0
server: sffe
etag: "1673834924"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:47:30 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Pvkdya906Pk/ 17 KB
17 KB 144ms
135ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Pvkdya906Pk/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0306aef17555a783ea7f3bf606a5809ce7dc322c8721fe4077c9d8b4fd1d3dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:15:25 GMT
x-content-type-options: nosniff
age: 1406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17182
x-xss-protection: 0
server: sffe
etag: "1674008704"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:15:25 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/enb3xdZjlJo/ 29 KB
29 KB 160ms
152ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/enb3xdZjlJo/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829becc4367ae63fcfe8d4afd0361ac5d4c875c7e9dd21b3050998b6501f9031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:03:08 GMT
x-content-type-options: nosniff
age: 5743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29822
x-xss-protection: 0
server: sffe
etag: "1673268766"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:03:08 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/A5sR5oD1vdg/ 15 KB
15 KB 159ms
150ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/A5sR5oD1vdg/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a311b5407c3dfb9cbb55a9dcde5eaeb1f6cf4cbd6684c5b47b9c0d4624e69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:05:02 GMT
x-content-type-options: nosniff
age: 2029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15093
x-xss-protection: 0
server: sffe
etag: "1672832646"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:05:02 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/ToarDMqUEAg/ 24 KB
24 KB 156ms
148ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ToarDMqUEAg/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c81ca946e75c7b205c96a00bb21e04f218ebb113d23ce4ee48b78f0af5316e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:05:53 GMT
x-content-type-options: nosniff
age: 1978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24557
x-xss-protection: 0
server: sffe
etag: "1672486780"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:05:53 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/sfUIgP8Qj0w/ 35 KB
35 KB 172ms
163ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/sfUIgP8Qj0w/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9629c75fa8ab11b8f00e827fe48a0c658be9ec01e94502a7d534ff0800f253a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35716
x-xss-protection: 0
server: sffe
etag: "1672013361"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:38:51 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qgpLHW8gnec/ 23 KB
23 KB 158ms
149ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qgpLHW8gnec/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcf64ef50f854244e04daae45feaf6f7f55eca9d3621a24c6556a95fd97b0be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 05:44:04 GMT
x-content-type-options: nosniff
age: 6887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23136
x-xss-protection: 0
server: sffe
etag: "1671359057"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 07:44:04 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/9XKMNCaG_cw/ 38 KB
38 KB 170ms
162ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9XKMNCaG_cw/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb53b746c82d2a140968a6b2e0ea19028a986124274a8ef3a47c21acc8981cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38890
x-xss-protection: 0
server: sffe
etag: "1670970558"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 09:38:51 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/bU8Koj8LehE/ 34 KB
34 KB 152ms
144ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bU8Koj8LehE/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76b19dc706f711c217695fa2867f69396ffb8950a6406cf4a98cdd722ed650c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:49:20 GMT
x-content-type-options: nosniff
age: 2971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34450
x-xss-protection: 0
server: sffe
etag: "1669765609"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:49:20 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/K06B5P1TGdU/ 27 KB
27 KB 153ms
145ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/K06B5P1TGdU/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d781df45e8625d9fc0492596f81808ce6099507fdc31de428c364e40d6799fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:30:47 GMT
x-content-type-options: nosniff
age: 4084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27480
x-xss-protection: 0
server: sffe
etag: "1669935317"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Apr 2023 08:30:47 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1193205017&t=event&_s=3&dl=https%3A%2F%2Fshellshock.io%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers%20%7C%20geometry.monster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ads&ea=ad%20blocker&el=false&_u=aADAAEABAAAAACAAIC~&jid=&gjid=&cid=814442709.1680593924&tid=UA-105800112-1&_gid=176234086.1680593924&z=1060519835

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48821
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 84ms
16ms Preflight
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shellshock.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://shellshock.io
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Tue, 04 Apr 2023 07:38:53 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 1 KB
1 KB 189ms
125ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=532894&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212e8b5715e57c6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fshellshock.io%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fshellshock.io%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222926f345c1aee6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22532894%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22532894%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22532894%22%2C%22sid%22%3A%22200x200%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adinplay.com%22%2C%22sid%22%3A%22SSK%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb88d1f0ed131b5a64918e6fdb3c8e7c19a5b1ad7fdff62e327089a1637da170

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrhORwJ1gUmJdF5qOl7u%2BkqLhEnFKiV8CQRm%2By9AYzNiahBAIe41t7KopyOPUqX%2BxYc70Xm2tXU%2BBiG4TtxssBPq8JzEs7L4BzL%2F8ypAPKCPBhvVbEhEmjo1axO4RedTmUp%2F1m6a"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://shellshock.io
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7b27e4f67d8e9b1f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 102ms
46ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shellshock.io
date: Tue, 04 Apr 2023 07:38:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
400 B 84ms
19ms XHR
application/json 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b2d32c014f7117b5a6ba0e7312792ce00b84e7e411d5d9a34dd637118892ee6f

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 04 Apr 2023 07:38:53 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://shellshock.io
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
161 B 45ms
17ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://shellshock.io
pragma: no-cache
date: Tue, 04 Apr 2023 07:38:53 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
505 B 141ms
80ms XHR
application/json 3.67.166.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fshellshock.io%2F&tmax=1500

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.166.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-166-194.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:53 GMT
accept-ch: sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 50ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://shellshock.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
948 B 69ms
15ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c6280aed9264c06690cec2074cc6a93d266df0fdedb57f358215ae5ad822f9f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:53 GMT
AN-X-Request-Uuid: e8cabecb-7dc4-457a-9df1-1505486975ae
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shellshock.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 73 B
376 B 96ms
24ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fshellshock.io%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bdfed0e7-b3e8-40a7-9957-87ff6c1bed04&nocache=1680593933787&schain=1.0%2C1!adinplay.com%2CSSK%2C1%2C%2C%2C&aus=300x250%2C250x250%2C200x200&divids=shellshockers_titlescreen&aucs=&auid=541147970
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4f7453f106e16ebd2a1f401961914ea54641b2984b7026eff8fa982dbd6d5acf

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://shellshock.io
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
808 B 148ms
94ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=1940958&size_id=15&alt_size_ids=13%2C14&rp_schain=1.0,1!adinplay.com,SSK,1,,,&rf=https%3A%2F%2Fshellshock.io%2F&tk_flint=pbjs_lite_v6.29.3&x_source.tid=bdfed0e7-b3e8-40a7-9957-87ff6c1bed04&l_pb_bid_id=2077f83c4a2daeb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7777907445845589
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 694eeb141a66e129aa091e961b6a1dc33496e631b2248b307520b890fcc5348a

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://shellshock.io
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 100ms
43ms XHR
text/javascript 13.32.106.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshellshock.io%2F&pid=jM8diwl99CjG6&cb=0&ws=1600x1200&v=23.320.1710&t=1500&slots=%5B%7B%22sd%22%3A%22shellshockers_titlescreen%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F421469808%2C21743024831%2Fshellshockers_titlescreen%22%7D%5D&schain=1.0%2C1!adinplay.com%2CSSK%2C1%2C%2C%2C&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.106.197 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-106-197.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: ZR41A7J5FMRW2TQ42HVX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://shellshock.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: F2yaoSxdNHO9GVjMvLg6UMCzZZnpebkud34HAANZmzObMzQaE8W7SA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1193205017&t=event&_s=4&dl=https%3A%2F%2Fshellshock.io%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers%20%7C%20geometry.monster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Big%20ad&ea=show&el=VIP%20Club&_u=aADAAEABAAAAACAAIC~&jid=&gjid=&cid=814442709.1680593924&tid=UA-105800112-1&_gid=176234086.1680593924&z=1966109958

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48821
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
42ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1193205017&t=timing&_s=5&dl=https%3A%2F%2Fshellshock.io%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers%20%7C%20geometry.monster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=load&utv=homeLoaded&utl=home&utt=11286&_u=aADAAEABAAAAACAAIC~&jid=&gjid=&cid=814442709.1680593924&tid=UA-105800112-1&_gid=176234086.1680593924&z=988044902

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48821
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ki5mdikz13.jpg
shellshock.io/data/img/art/ 216 KB
216 KB 23ms
22ms Image
image/jpeg 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/data/img/art/ki5mdikz13.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71b6ce0b6102f787a664a0ee1cfb8818d0f350d557f9cea92c6c0a5d11f8e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6307
content-length: 221079
cf-bgj: h2pri
last-modified: Tue, 31 Jan 2023 02:23:12 GMT
server: cloudflare
etag: "63d87b90-35f97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=su%2FzY6Xz0jpxrnon8PgiYp4cPZ1F1e7dN5%2Fa8gf37E5%2FqPbCgHD3zNAJ75kCu%2FZQgqgn2KQcIc4%2BrlwiDvh1B%2FoPKkZXF%2FgM%2FWdf5cAD6knTmL2EMf9W5Jp43aNZsm8Cu%2FQFAR9ceICyd04%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e4f6ee7939f1-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 170ms
44ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shellshock.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 133ms
44ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shellshock.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
43 KB 356ms
355ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1551324874643182&correlator=1436479122281560&eid=31073505%2C44780989&output=ldjh&gdfp_req=1&vrg=202303290101&ptt=17&impl=fif&iu_parts=421469808%3A21743024831%2Cshellshockers_titlescreen&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200&ifi=1&adks=519060828&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.00%26hb_adid_ix%3D22d66832103feab%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D22d66832103feab%26hb_bidder%3Dix&eri=1&cust_params=GS%3DNo%26subid%3Dshellshock.io%26FC%3D1%26OS%3DOther%26Conc%3DNo&sc=1&cookie_enabled=1&abxe=1&dt=1680593934097&lmt=1680591941&dlt=1680593922749&idt=1703&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fshellshock.io%2F&frm=20&vis=1&psz=300x-1&msz=0x-1&fws=132&ohw=350&ga_vid=814442709.1680593924&ga_sid=1680593934&ga_hid=1193205017&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

179a9e9fdeb8e3c28c7e19ad87fe95a9e317157dc8bfa6a66fce10c93049a2a3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNrz06Pcj_4CFZIq4Aoda04BMA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNrz06Pcj_4CFZIq4Aoda04BMA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html
date: Tue, 04 Apr 2023 07:38:54 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44149
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 183ms
83ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed2e886e3af8102449368cee1bb26958ba6cb461a8d4ca42526b46b88b00cfb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11195
x-xss-protection: 0

GET
H2 200 container.html Show response
991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A5A0 6 KB
3 KB 173ms
43ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:38:54 GMT
expires: Wed, 03 Apr 2024 07:38:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 522B 3 KB
2 KB 69ms
23ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 946
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7b27e4f90c345c85-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Apr 2023 07:38:54 GMT
expires: Tue, 04 Apr 2023 11:38:54 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1B09 16 KB
6 KB 34ms
7ms Document
text/html 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=104911
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 04 Apr 2023 07:38:54 GMT
expires: Wed, 05 Apr 2023 12:47:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F4B7 281 B
554 B 50ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 04 Apr 2023 07:38:54 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame EF89 37 B
140 B 40ms
9ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 04 Apr 2023 07:38:54 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame CCAB 0
0 11ms
8ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1680593934065

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 7D26 0
91 B 29ms
21ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 04 Apr 2023 07:38:54 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FDBB 52 KB
17 KB 40ms
10ms Document
text/html 2.19.228.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.175 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-175.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 04 Apr 2023 07:38:54 GMT
ETag: "623de86a-cf34"
Expires: Wed, 05 Apr 2023 07:38:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 269ms
66ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 07:38:54 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F4B7 34 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d84f21de2a111415c067bf82fa1581ab5ce8add19cafdfb61716b43bff31a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 07:38:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Apr 2023 04:51:43 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=76369
Connection: keep-alive
Content-Length: 10015
Expires: Wed, 05 Apr 2023 04:51:43 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 77ms
16ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 16:41:23 GMT
content-encoding: gzip
age: 2127451
x-guploader-uploadid: ADPycduE5L2eeFp6uIBZXVmQzp1L-SpgDvDmbY_Q_CWTzkfDxzhrR4U1i09pt8tFiyeePrtu2s28XPWyuBaA4jWN06J35g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 09 Mar 2024 16:41:23 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 81ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:38:54 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 79ms
19ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39836
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2F8FyP9N0raSJqICEFDKLcaq0v5aWmOZSHwCgathOWUFhE7ccUYYhFlW96onDv44D7KRioHhAyb5NunseUOt%2FbriQrdRdoeJTMVEFSFKXXjq6RDhPwihl2U5OmjkuJKXuMp7KUy2uoGnse9eLrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b27e4fb2a529079-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 103ms
34ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 13:19:47 GMT
server: cloudflare
x-amz-request-id: 983X9MSE48X780S4
age: 2900
etag: W/"c248fe2e1769ec0b3fd66c9a48efe1d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b27e4fb3ddb35eb-FRA
x-amz-id-2: iRi9ZBt5y+ALDxRRo1ZVVYgx4f1VZ312BW+vykyx0EbfTUBgCyu32TL5Te5Ui9lV7pmxrzrtgRE=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 76ms
16ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:13:55 GMT
via: 1.1 google
age: 1499
x-guploader-uploadid: ADPycdsogoipyVGHlxzUC8l3GTUmTzYI8BG-IvCIbdGqWcVbRRFGolQpX6KL-Xbq16Tgjd5YC7pZtPqthaVSnB6fdN7CKQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Tue, 04 Apr 2023 08:13:55 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 66ms
8ms Script
text/javascript 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 05:55:25 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 6210
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: irF6-qjiek68DjVeF7djxYL_ZQmeaYOKimv6Uz4qqaQdB5fK0M-OwQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 65ms
7ms Script
text/javascript 2600:9000:2250:2e00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2e00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 04:34:41 GMT
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 11054
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: yTB1BXfjdGYlOHfm3OJah3rTYwjwksBtvSP8e1SbaSgOVLvkZsnCcg==

GET
H2 200 container.html Show response
991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC93 6 KB
3 KB 48ms
37ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303290101/pubads_impl.js?cb=31073505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:38:54 GMT
expires: Wed, 03 Apr 2024 07:38:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 5625
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

12ms
12ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2150fe6edbb979d320d1adb145645e3d50aac3b87908ce597cc7692814428e8e

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1752
Content-Type: text/html
Date: Tue, 04 Apr 2023 07:38:54 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Tue, 04 Apr 2023 07:38:54 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1B09 2 KB
3 KB 72ms
25ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49926768&p=156857&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: bf066d97235c38dc05865ed159254001e20acbe7d32ea853c7bd729d64c355a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 04 Apr 2023 07:38:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame FDBB
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
935 B

14ms
14ms

Script
text/html

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:54 GMT
AN-X-Request-Uuid: e0220e97-e14e-4180-8860-e4ca3077f9a4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:54 GMT
AN-X-Request-Uuid: 196aebd5-4946-400f-831a-24d146732b27
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 2018-06-11_WT_Bannerset_179_300x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/ Frame 2A5E 5 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec195eb79ac5b9455ec1070d834ecbb9b42148584da31539b4ed39b3d1c290d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=0
content-encoding: gzip
content-length: 1891
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:29:43 GMT
expires: Tue, 04 Apr 2023 07:29:43 GMT
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FC93 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CH63dDtQrZNq0CZLVgAfrnIWAA8_M6OhNuc3QkZgIqLqnybsWEAEgkeLkH2CV4pCCoAegAfPTy9MDyAEJqQINqfRo2UWyPuACAKgDAcgDSKoE9AFP0IboCJmbRIR8d-4MSOOjlmHYynapLEHNj8lc9sQyODh74n-3a56b3tcW4xgE6E9C7_tTXmUL7TvU7OgfCFc-hQ2cpU20Tm_-m90Css4Lel1atimFba6HNefNo7Rbr3j2k7qlfhwIqukCSuIW-6mCd2yAAzTmI3xPtErFyT085wr9GgS3bSTGCXw05Y7lcteWndQ2X0UBVqD0m6q7RJOfqMPR5oh4D3FpSue6LbhyCcrqL2xU_HK_8Jus9vgmKaSdA127CtEebQ5greXRefWKVE7VKJGM0wORDn5o5uG1RJX1slVmkTowaFtmKBeutfve2Dx6wATu-d7pngHgBAGSBQQIBBgBkgUECAUYBKAGLoAHz5e6L6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELjMB9IIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zOTQ2ODM1OTg1ODM4MjU4gAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTE1NzA2NjE5NjI4NjY5ODEYkP0S&sigh=-tTBJ34UBlo&uach_m=[UACH]&cid=CAQSPADUE5ymJZXZxiiRM9ssQ8BbyTqQCaE60l0C6S3k-VgLHjS4JEW0hFiin8tv3fGp_xQv-jCDUjgKYn-lkxgB&template_id=419
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame FC93 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite_fy2021.js

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 18:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Apr 2023 18:45:28 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EBF4 143 B
247 B 41ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 06:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame FC93 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 18:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Apr 2023 18:43:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame FC93 20 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 18:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Apr 2023 18:43:45 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5625
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

107ms
107ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AT1VTBYF2YFRWJ62Y9WK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PHSNC0XWPT111XHZSVNQ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5625 70 B
265 B 126ms
34ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 04 Apr 2023 07:38:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5625
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP4i-pNq0c6aJAqFyZrx_DI&google_cver=1

43 B
766 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP4i-pNq0c6aJAqFyZrx_DI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP4i-pNq0c6aJAqFyZrx_DI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5625
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZCvUDvnh71y144ypr7mmfgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDzz4DpaAIJB6X5SevDnlUc&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDzz4DpaAIJB6X5SevDnlUc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDzz4DpaAIJB6X5SevDnlUc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5625
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3849059396235361125&expiration=1681803535

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3849059396235361125&expiration=1681803535
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3849059396235361125&expiration=1681803535
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5625 43 B
601 B 118ms
32ms Image
image/gif 2a05:d018:d29:3602:a2bd:f7af:253c:4fd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZCvUDvnh71y144ypr7mmfgAAFLEAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:a2bd:f7af:253c:4fd -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 5625 0
75 B 146ms
17ms Image
text/plain 185.86.138.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
content-length: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 5625
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1680680335

43 B
632 B

167ms
15ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1680680335
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1680680335
pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 5625 43 B
353 B 52ms
13ms Image
image/gif 104.18.10.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZCvUDvnh71y144ypr7mmfgAA%265297
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshellshock.io%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:54 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 53409
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b27e4fdac143677-FRA
content-length: 43
expires: Wed, 05 Apr 2023 07:38:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3681 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 03:39:34 GMT
expires: Wed, 03 Apr 2024 03:39:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9BDE 783 B
535 B 50ms
48ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

432d91dab896feecfa24f55a077c2e9a9f003e8a9b901590e7feedabb82a1b31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4qovuHMvuXO4mxYmDWeM3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4qovuHMvuXO4mxYmDWeM3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:38:54 GMT
expires: Tue, 04 Apr 2023 07:38:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D3DC
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1579105158369455095

42 B
426 B

19ms
15ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1579105158369455095
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 04 Apr 2023 07:38:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1579105158369455095
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6C57
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a389642b-d40f-4100-b28b-b6985cddae48&gdpr=0&gdpr_consent=

42 B
557 B

63ms
16ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a389642b-d40f-4100-b28b-b6985cddae48&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 04 Apr 2023 07:38:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 04 Apr 2023 07:38:55 GMT
Expires: Tue, 04 Apr 2023 07:38:54 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 776 936c8db master cdg-pixel-x29 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a389642b-d40f-4100-b28b-b6985cddae48&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 092B 43 B
363 B 81ms
14ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:38:54 GMT
expires: Tue, 04 Apr 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 506464
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A11E
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL

42 B
341 B

69ms
15ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 04 Apr 2023 07:38:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 04 Apr 2023 07:38:55 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame DA28
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

213ms
189ms

Document
image/gif

67.220.226.238

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.238 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 04 Apr 2023 07:38:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: Y2Z5H9BAQKW1KHC9409D

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 04 Apr 2023 07:38:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: YQKN3QVJ72DJQ1G7S087

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1B09
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I125sjLeRJ2LtXE1LrDIxg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

7ms
7ms

Image
text/html

2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=104910
accept-ranges: bytes
content-length: 5554
expires: Wed, 05 Apr 2023 12:47:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 1B09 49 B
266 B 112ms
28ms Image
image/gif 34.251.239.167

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.239.167 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.235
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 1B09
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=414864087
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=235DB9B2-32DE-449D-8BB5-71352EB0C8C6

0
284 B

60ms
20ms

Image
text/plain

34.111.131.239

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=235DB9B2-32DE-449D-8BB5-71352EB0C8C6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Server: 34.111.131.239 -, , ASN (),
Reverse DNS
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:54 GMT
via: 1.1 google
last-modified: Tue, 04 Apr 2023 07:38:55 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=235DB9B2-32DE-449D-8BB5-71352EB0C8C6
date: Tue, 04 Apr 2023 07:38:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 1B09
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=235DB9B2-32DE-449D-8BB5-71352EB0C8C6
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjUybWZ3TEpKTjdRdGlKaVpCWUg0QVpWQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=1871226279912368074&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

108ms
107ms

Image
image/png

54.235.69.38

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: HTTP/1.1
Server: 54.235.69.38 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 07:38:56 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 04 Apr 2023 07:38:55 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1B09
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjM1REI5QjItMzJERS00NDlELThCQjUtNzEzNTJFQjBDOEM2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

14ms
14ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 04 Apr 2023 07:38:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1B09
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrZqkEc9pdrdcdCQ-MFJAo&google_cver=1

42 B
379 B

14ms
14ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrZqkEc9pdrdcdCQ-MFJAo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 04 Apr 2023 07:38:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrZqkEc9pdrdcdCQ-MFJAo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 1B09 43 B
610 B 80ms
16ms Image
image/gif 35.204.74.118

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 03 Apr 2023 07:38:55 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1B09
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1871226279912368074

42 B
298 B

16ms
16ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1871226279912368074
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 04 Apr 2023 07:38:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1871226279912368074
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1B09 70 B
264 B 36ms
34ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame 2A5E 6 KB
2 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0250e733d35dd964dc696b1d5ba380869f31e3da746cd9de2058f2e830ae7769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 18:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2472
x-xss-protection: 0
server: cafe
etag: 16011529636463416716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 Apr 2023 18:05:12 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 2A5E 34 KB
13 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 18:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 Apr 2023 18:05:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2A5E 1 KB
447 B 55ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b7c00aedbc798a40ca5ae8bdf3eec9e8b86ec784db3b44dfcc24263c51f873b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Apr 2023 07:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 07:32:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Apr 2023 07:38:55 GMT

GET
H2 200 tweenjs_0.6.1_40840f08e9fb382ae9e4a337da542ed5_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2A5E 23 KB
7 KB 164ms
78ms Script
text/javascript 2a00:1450:4001:812::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenjs_0.6.1_40840f08e9fb382ae9e4a337da542ed5_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

47ffbc2699500a62322227a3593c7f13f17f9111733150e12fa0a78b0a5f2919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6867
x-xss-protection: 0
last-modified: Sat, 14 Nov 2015 14:14:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Apr 2023 07:38:55 GMT

GET
H2 200 easeljs_0.8.1_58add2e69ca7fbe25e8f82a2b5f6a510_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2A5E 83 KB
24 KB 129ms
44ms Script
text/javascript 2a00:1450:4001:812::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easeljs_0.8.1_58add2e69ca7fbe25e8f82a2b5f6a510_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d859dddfada24cde4882360e4d17c29fac1361c08ae9c283a6d0c45fcc57fca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24243
x-xss-protection: 0
last-modified: Sat, 14 Nov 2015 14:14:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Apr 2023 07:38:55 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2A5E 186 KB
48 KB 168ms
83ms Script
text/javascript 2a00:1450:4001:812::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Apr 2023 07:38:55 GMT

GET
H3 200 2018-06-11_WT_Bannerset_179_300x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/ Frame 2A5E 42 KB
5 KB 49ms
45ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d85e24754bb6a5cb95cbb3c763e3d0c6ec2cc79826b4671f7fa6a848dca01fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 18:05:44 GMT
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5092
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:44 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F4B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJy5bRb_xvK8-1Ap7WiiP0&google_cver=1

0
239 B

37ms
9ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJy5bRb_xvK8-1Ap7WiiP0&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDJy5bRb_xvK8-1Ap7WiiP0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4B7
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMzYmIwMTM1Nzk5OGMyMTI1MjBmM2JlYTVhZTM0Y2Q3OGQwZWExYw

170 B
188 B

54ms
53ms

Image
image/png

142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMzYmIwMTM1Nzk5OGMyMTI1MjBmM2JlYTVhZTM0Y2Q3OGQwZWExYw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMzYmIwMTM1Nzk5OGMyMTI1MjBmM2JlYTVhZTM0Y2Q3OGQwZWExYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4B7
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEcxWThJTEItQy1BVjg2
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEZx1WoWxBKKUkuPo9sC-B8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcxWThJTEItQy1BVjg2&google_push=

170 B
188 B

47ms
46ms

Image
image/png

142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcxWThJTEItQy1BVjg2&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcxWThJTEItQy1BVjg2&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F4B7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=U0ldr7COSPqYK_v85c4V1Q&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0ldr7COSPqYK_v85c4V1Q

43 B
479 B

35ms
35ms

Image
image/gif

67.220.226.238

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0ldr7COSPqYK_v85c4V1Q

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

HTTP/1.1

Server

67.220.226.238 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0RQSQWQBEQ3SV35SDXY7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0ldr7COSPqYK_v85c4V1Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F4B7 70 B
264 B 34ms
30ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F4B7
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG1Y8ILB-C-AV86

0
866 B

185ms
130ms

Image
text/plain

2620:1ec:22::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG1Y8ILB-C-AV86
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Server: 2620:1ec:22::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3D44E0DCA31444FC893909D0C97045B3 Ref B: VIEEDGE1705 Ref C: 2023-04-04T07:38:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4fcSKy5Er59La1AllWw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG1Y8ILB-C-AV86
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F4B7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T0u2lwEtQO22wkNPf6WMKg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T0u2lwEtQO22wkNPf6WMKg

43 B
479 B

114ms
114ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T0u2lwEtQO22wkNPf6WMKg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 36GD2FFH26Q1AAG4CZFD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T0u2lwEtQO22wkNPf6WMKg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F4B7
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/WJV0RU3e-jEmvimDY7Tx0g?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lqcYpzdE2oLaZBjW_Gj.G2720kzWQaS3evls2w--~A

0
239 B

15ms
15ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lqcYpzdE2oLaZBjW_Gj.G2720kzWQaS3evls2w--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 04 Apr 2023 07:38:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lqcYpzdE2oLaZBjW_Gj.G2720kzWQaS3evls2w--~A
content-length: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fshellshock.io%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fshellshock.io%2F&rid=esp&cc=1

85 B
203 B

118ms
116ms

Fetch
application/json

34.120.135.53

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fshellshock.io%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 08e1d774c319a4581459a9119836b1a7d4566295e8bf1788996229ce1999f597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-NrVaX13mgqd448BiNH+TE3msOFs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shellshock.io
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 04 Apr 2023 07:38:55 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://shellshock.io
location: /esp?url=https%3A%2F%2Fshellshock.io%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 16EF 15 KB
6 KB 90ms
21ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=shellshock.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:38:54 GMT
server: Kestrel
server-processing-duration-in-ticks: 394891
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 28ms
26ms Fetch
application/json 35.190.39.111

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: f1c0a48213a858198b64d4b311df3225b8f8efbf46515b766e6ae70beceaf911

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 736823b4e72c2741083e394c96074ab5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 78ms
31ms Preflight
text/plain 35.190.39.111

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shellshock.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shellshock.io
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 04 Apr 2023 07:38:55 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: b610544fa54f1b63855e584a68ad1d3b

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 31ms
8ms XHR
text/plain 162.19.138.116

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shellshock.io
date: Tue, 04 Apr 2023 07:38:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 102ms
29ms XHR
application/json 34.248.76.14

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.76.14 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 03744ea5cc39964a7e3bb29edce994c66cf54d3cfcc5ea0ba58c45a48ede243b

Request headers

Referer: https://shellshock.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shellshock.io
cache-control: no-cache
x-server: 10.45.5.169
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 footer-social-media-bubble-discord.png
shellshock.io/img/social-media/ 31 KB
32 KB 25ms
24ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/social-media/footer-social-media-bubble-discord.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 313d8c492305e7d75825232dd8fe15eee5239e87750d0e8ad596ef584c7c8a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6490
etag: "63ed7ce9-7d47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJSKQbQ%2BPum5O7YrcsAplmQ%2FQh8%2FizBx4QDkEgVOZzunukljGLtqIFxEU71E0mopdMYPaZVVrq0l%2FdnID4UMI8v7VRauV0H%2F4KTVZjvsD%2BMYf7U7wrfPhgvHmVuyonkwAWAj3%2B2f%2BzyaNiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b27e500f9ee39f1-FRA
content-length: 32071

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EBF4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:38:55 GMT
expires: Tue, 04 Apr 2023 07:38:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 07:38:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 16EF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=shellshock.io&sn=ChromeSyncframe&so=0&topUrl=shellshock.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=rVVV2XwrVmExdzBRK1VZVkVBcWZLOEtmZ29sNDlNUUkxL1Jza2FlRFlBMnNheHM3VzFvU2srUUF4ajB2Q1VVRXhGM2tFT3diNkRmNSs2b3I3YjlHYjJWQXlwQzBIY1pQYW5kUVAxNjdUMHBpOGg0QktHb01YakpTUGc5WW...

438 B
660 B

57ms
17ms

Fetch
application/json

178.250.1.11

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rVVV2XwrVmExdzBRK1VZVkVBcWZLOEtmZ29sNDlNUUkxL1Jza2FlRFlBMnNheHM3VzFvU2srUUF4ajB2Q1VVRXhGM2tFT3diNkRmNSs2b3I3YjlHYjJWQXlwQzBIY1pQYW5kUVAxNjdUMHBpOGg0QktHb01YakpTUGc5WW5TQkxyMFNTR01YTnBhVUVDYk9vbSt1NklWNUdkZktybjBlcTY4MW5meTYxUDNkTmdrSkE0a3RMTkw0UU1zSXFHeVVkck9sdjdBNXBHYnlodFVuYk91czFlZndhMVg0MTRJOHlWMHlPZlBMazA0UXUzbE1TdHBRNGVZeHRqbjg0MUJwME5NMVl4Q1dTamhQdEVCWFFUK3lOOTVOQXhqQT09fA&cppv=2

Protocol

Server

178.250.1.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

f8062f2ea860289b4b1100abdc76d0a5d5172d1f01139020eca486f6e6365e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3271906
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 07:38:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=rVVV2XwrVmExdzBRK1VZVkVBcWZLOEtmZ29sNDlNUUkxL1Jza2FlRFlBMnNheHM3VzFvU2srUUF4ajB2Q1VVRXhGM2tFT3diNkRmNSs2b3I3YjlHYjJWQXlwQzBIY1pQYW5kUVAxNjdUMHBpOGg0QktHb01YakpTUGc5WW5TQkxyMFNTR01YTnBhVUVDYk9vbSt1NklWNUdkZktybjBlcTY4MW5meTYxUDNkTmdrSkE0a3RMTkw0UU1zSXFHeVVkck9sdjdBNXBHYnlodFVuYk91czFlZndhMVg0MTRJOHlWMHlPZlBMazA0UXUzbE1TdHBRNGVZeHRqbjg0MUJwME5NMVl4Q1dTamhQdEVCWFFUK3lOOTVOQXhqQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 349176
content-length: 0
expires: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC93 0
0 46ms
45ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfRBLQk28ACM056-zUTctHDbjRBmca0ZgE9WX2NNQdwlRhezZL9kwck9e6h1gVnMM5c7tNJTZj3CV4ULAZm17lrUt-YQ
Requested by: Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC93 158 KB
49 KB 139ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 07:38:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9BDE 0
0 150ms
69ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303290101&jk=1551324874643182&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FDBB 0
863 B 14ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Apr 2023 07:38:55 GMT
AN-X-Request-Uuid: 30f66e55-e741-47d1-9e9a-e29e458e8847
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js Show response
pagead2.googlesyndication.com/bg/ Frame 3681 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 11:53:00 GMT

GET
H3 200 button.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 9 KB
9 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/button.jpg?1528797082975

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c785b98650af3d7ea34fa239a4d873df9161f7dbba1c5fc3242c1a5acd72d93

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 04 Apr 2023 01:34:17 GMT
x-content-type-options: nosniff
age: 21878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8799
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Apr 2024 01:34:17 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6053 0
80 B 37ms
20ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 04 Apr 2023 07:38:56 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 fog.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 11 KB
11 KB 39ms
38ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/fog.png?1528797082975

Requested by

Host: 991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f25724d825997e6158eebe9c20019d923dfc8b0cb21729ccc82651830d458e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:44 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11747
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:44 GMT

GET
H3 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A5E 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 11:53:00 GMT

GET
H3 200 fog2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 6 KB
6 KB 38ms
38ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/fog2.png?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d51636c0143c9eb6ab8657b2ba6f72c39f516ed39d6404559d889c4b10a3e54a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5709
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H3 200 hintergrund300x250l.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 28 KB
28 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/hintergrund300x250l.jpg?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a904ca173f1009edb70523820e79724caa161f7c28dbaf01e6c2598007c68efc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28316
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 11 KB
11 KB 38ms
38ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/logo.png?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5acf02687bd67ce3baa13bef7b20b6868d587757bb829306fcc9088935b68bd2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11646
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H3 200 logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 14 KB
14 KB 38ms
38ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/logo2.png?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e66e2b318be1a27f7a136aed9763d416514183defd9ed6f069a8c34d50f376a5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14311
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H3 200 schuss.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/schuss.png?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d4b10089fb93b9f0eb103d51df83cb211fdbfa7f8be5ef53e7f91bc476e48fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2145
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H3 200 tank1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 18 KB
18 KB 38ms
38ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/tank1.png?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0466e32ee17562434fde0d9f9c4f75ccd68203a873c49216855b06385319ad0d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18202
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H3 200 tank2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 4 KB
4 KB 38ms
38ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/tank2.png?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eacbe83648fbdf206d76f7d6462ac4ae833ad288d52fb793bf7bbe0435ec3e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4072
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H3 200 Unbenannt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/ Frame 2A5E 7 KB
7 KB 39ms
38ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7952793071994892864/images/Unbenannt2.png?1528797082975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

584cd879f2c998107e8255341c24a0d44c2713f77c25f32cfc32d533887e038b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 31 Mar 2023 18:05:45 GMT
x-content-type-options: nosniff
age: 307991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7564
x-xss-protection: 0
last-modified: Wed, 13 Jun 2018 13:58:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:05:45 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1B09 0
261 B 56ms
16ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156857&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3681 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qUq4Iw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 chickLoop_speak.svg
shellshock.io/img/chicken-nugget/ 23 KB
6 KB 21ms
21ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/chicken-nugget/chickLoop_speak.svg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 793b93c248b6887ca180a244835ad5a07ca95d13432ab365408a56ac9164db42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:38:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 00:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6306
etag: W/"63ed7ce3-5d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kz%2B4Yx5dtSL2kP41z%2FhjaGMGQ2L56BzAHxHeS5A3gMxKnP8Ote2F9Nzbs44CAsbafLmjJBYdxlj%2B4%2FRorlrmj3cABhCCZEQ4dfJpFT%2F07cuiCsjS22Ap7p8muLDZQOOUUOxxOBuN3vJG0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7b27e50f09e939f1-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.adinplay.com
URL: https://stats.adinplay.com/collect

Verdicts & Comments Add Verdict or Comment

320 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shellshock.io/	1970-01-20 10:51:20	Name: StatsSend Value: true
.shellshock.io/	1970-01-20 12:59:29	Name: _gcl_au Value: 1.1.2064289493.1680593923
.shellshock.io/	1970-01-20 20:25:53	Name: _ga Value: GA1.2.814442709.1680593924
.shellshock.io/	1970-01-20 10:51:20	Name: _gid Value: GA1.2.176234086.1680593924
.shellshock.io/	1970-01-20 10:49:53	Name: _gat Value: 1
.shellshock.io/	1970-01-20 12:59:29	Name: _fbp Value: fb.1.1680593924300.1949447640
.shellshock.io/	1970-01-20 19:35:29	Name: _hjSessionUser_1519513 Value: eyJpZCI6IjQ0ODU1ODFlLWRhMDUtNTdmMC1hYzJjLTYyYTkyZTM3MTQ2ZCIsImNyZWF0ZWQiOjE2ODA1OTM5MjQ1OTMsImV4aXN0aW5nIjpmYWxzZX0=
.shellshock.io/	1970-01-20 10:49:55	Name: _hjFirstSeen Value: 1
.shellshock.io/	1970-01-20 10:49:54	Name: _hjIncludedInSessionSample_1519513 Value: 0
.shellshock.io/	1970-01-20 10:49:55	Name: _hjSession_1519513 Value: eyJpZCI6IjQ1YTI0YjhjLTZjMWMtNDVjZi1iOGI1LTgzNmU3NWIzMTZhZSIsImNyZWF0ZWQiOjE2ODA1OTM5MjQ2MDMsImluU2FtcGxlIjpmYWxzZX0=
.shellshock.io/	1970-01-20 10:49:55	Name: _hjAbsoluteSessionInProgress Value: 0
.shellshock.io/	1970-01-20 20:25:53	Name: _ga_79NWRZXYCB Value: GS1.1.1680593923.1.1.1680593933.50.0.0
.rubiconproject.com/	1970-01-20 19:35:29	Name: khaos Value: LG1Y8ILB-C-AV86
.rubiconproject.com/	1970-01-20 19:35:29	Name: audit Value: 1\|naVuGyos1qpv9va6VaPdAT5APvdogVCbaTd6KyMQnau+SmvwaNDOno/RxDbFwktUoWvVO1JkzF9kACasRBTT8e2C6yAnh5iMp/pf052KIlk=
.doubleclick.net/	1970-01-20 20:11:29	Name: IDE Value: AHWqTUn1a1ITBjhBXTj72Xg2BXYWc9YvTtiw-Aneq17LzutNNTxDCMmNh6OkpOok838
.shellshock.io/	1970-01-20 20:11:29	Name: __gads Value: ID=f839760136bbb464:T=1680593934:S=ALNI_MZlj4IUkoK3jNQB_7xp0q4YID-kiA
.shellshock.io/	1970-01-20 20:11:29	Name: __gpi Value: UID=00000bd0952de133:T=1680593934:RT=1680593934:S=ALNI_MZK3KsLNBSZW1k46WpJSVINFBAVew
.ads.pubmatic.com/	1970-01-20 10:51:20	Name: KCCH Value: YES
.adnxs.com/	1970-01-20 12:59:29	Name: uuid2 Value: 2031904015970688776
.pubmatic.com/	1970-01-20 19:35:29	Name: KADUSERCOOKIE Value: 235DB9B2-32DE-449D-8BB5-71352EB0C8C6
.pubmatic.com/	1970-01-20 12:59:29	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 10:51:20	Name: pi Value: 156857:2
.pubmatic.com/	1970-01-20 12:59:29	Name: DPSync3 Value: 1681776000%3A201_245_241_235
.pubmatic.com/	1970-01-20 12:59:29	Name: SyncRTB3 Value: 1681776000%3A56_8_7_21_13_161_54_251_220%7C1681862400%3A35
.casalemedia.com/	1970-01-20 19:35:29	Name: CMID Value: ZCvUDvnh71y144ypr7mmfgAA
.casalemedia.com/	1970-01-20 12:59:29	Name: CMPS Value: 5297
.casalemedia.com/	1970-01-20 12:59:29	Name: CMPRO Value: 5297
.adform.net/	1970-01-20 11:33:05	Name: C Value: 1
.yahoo.com/	1970-01-20 19:35:51	Name: A3 Value: d=AQABBA_UK2QCEA0cHx-OvY1_4Rl08U3cq6MFEgEBAQElLWQ1ZAAAAAAA_eMAAA&S=AQAAApXAg7YLpTAL_g67ripKrpo
.quantserve.com/	1970-01-20 12:59:29	Name: d Value: EL4BCwHWKPijAA
.quantserve.com/	1970-01-20 20:20:08	Name: mc Value: 642bd40f-134ac-bd79f-4d11a
.mathtag.com/	1970-01-20 20:15:49	Name: uuid Value: a389642b-d40f-4100-b28b-b6985cddae48
.simpli.fi/	1970-01-20 19:36:56	Name: suid Value: C73BB2FE61794C319202B3856A53B261
.weborama.fr/	1970-01-20 20:15:49	Name: AFFICHE_W Value: PIVZwlFJfWk841
.de17a.com/	1970-01-20 19:28:17	Name: guid Value: 1.1579105158369455095
.pubmatic.com/	1970-01-20 11:33:05	Name: KRTBCOOKIE_336 Value: 5844-1579105158369455095
.pubmatic.com/	1970-01-20 11:33:05	Name: PugT Value: 1680593933
.pubmatic.com/	1970-01-20 12:59:29	Name: KRTBCOOKIE_153 Value: 1923-VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL&KRTB&19420-VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL&KRTB&22979-VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL&KRTB&23462-VUevaQdHrW1OQq4_AhCwaQdEpG1OR_k6UhITnXNL
.pubmatic.com/	1970-01-20 12:59:29	Name: KRTBCOOKIE_27 Value: 16735-uid:a389642b-d40f-4100-b28b-b6985cddae48&KRTB&16736-uid:a389642b-d40f-4100-b28b-b6985cddae48&KRTB&23019-uid:a389642b-d40f-4100-b28b-b6985cddae48&KRTB&23114-uid:a389642b-d40f-4100-b28b-b6985cddae48

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript	error	URL: https://shellshock.io/ Message: Access to XMLHttpRequest at 'https://stats.adinplay.com/collect' from origin 'https://shellshock.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://stats.adinplay.com/collect Message: Failed to load resource: net::ERR_FAILED
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7952793071994892864/2018-06-11_WT_Bannerset_179_300x250.html".
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235DB9B2-32DE-449D-8BB5-71352EB0C8C6&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

991a23f4ac20c41c3728aeeb8a3350cd.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
adinplay-d.openx.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.adinplay.com
api.btloader.com
bcp.crwdcntrl.net
btloader.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
s0.2mdn.net
script.hotjar.com
sdk.crazygames.com
securepubads.g.doubleclick.net
shellshock.io
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
static.hotjar.com
stats.adinplay.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
stats.adinplay.com
104.18.10.47
104.18.11.47
104.18.25.185
108.138.1.25
13.248.245.213
13.32.106.197
130.211.23.194
142.250.185.130
142.250.185.70
151.101.1.195
162.19.138.116
178.250.0.163
178.250.1.11
18.66.97.49
18.66.97.88
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.86.138.150
185.89.210.212
2.19.228.175
2.19.228.187
2001:4860:4802:34::36
213.155.156.184
213.19.147.43
216.52.2.16
216.58.212.130
23.37.42.132
2600:9000:2250:2e00:a:e047:752:b361
2602:803:c003:200::21
2606:4700:10::6816:3556
2606:4700:20::681a:68b
2606:4700:20::681a:894
2606:4700:20::681a:994
2606:4700:20::ac43:4513
2606:4700:3108::ac42:2b42
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6811:190e
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:22::14
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2016
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9a
2a02:2638:3::c
2a02:2638::3
2a02:fa8:8806:16::1370
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3602:a2bd:f7af:253c:4fd
3.67.166.194
34.102.146.192
34.111.129.221
34.111.131.239
34.120.135.53
34.248.76.14
34.251.239.167
34.96.70.87
34.98.64.218
35.190.39.111
35.204.74.118
35.71.131.137
37.157.6.242
51.89.9.252
52.222.236.74
52.46.128.147
54.235.69.38
67.220.226.238
69.173.144.139
69.173.144.165
93.119.15.97
01f48d4ad7e3b0f6bebcecad3355baf3903eb8a81e562d810c1f92ebf9b5e492
0250e733d35dd964dc696b1d5ba380869f31e3da746cd9de2058f2e830ae7769
0306aef17555a783ea7f3bf606a5809ce7dc322c8721fe4077c9d8b4fd1d3dfe
03497ab9ccdd81469a9f0fe21978c87043494dd63b2cc19e492fb697c10ec458
03744ea5cc39964a7e3bb29edce994c66cf54d3cfcc5ea0ba58c45a48ede243b
0466e32ee17562434fde0d9f9c4f75ccd68203a873c49216855b06385319ad0d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08e1d774c319a4581459a9119836b1a7d4566295e8bf1788996229ce1999f597
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
09adaba0ad5589d22612de086772c09efe9004153fb53703eeb3a4c6a97c5b08
0b4fd36123c14417d71cbc5521b24e45cb4cd06069695f807a8e56f49c1f1379
0b7a3185964233a0e1e68612cc1cc306041f8bb1300b4eaf74905e0be36daa40
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da93c421ca12d7c35660be31634b957c0985b922d6922ab8c85ce9382e0a885
0fb287e168fe0f0fea43cc2de689086c5318afa4b78b80f637a40b27305ec2a8
10a6898718df1f07d559c58a526ef8fd98d133158b481250796ba02506ece2d2
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
15b92fe8592ec5916984e9d4a2cd37af9d0df8bffa1dcd9933921fd35f988ef4
15d66a2c6137972d9f4038f69fa0285f02811851d7a96554b3403801416f87e5
1626b155e582813f14d29cc99c252b15c887e1a4998d24df4cb4115f8f2cfa41
1780a1811dd490a4437e6cfa3a4c00bf49c789b764293aeb8aa57007e3ad8339
179a9e9fdeb8e3c28c7e19ad87fe95a9e317157dc8bfa6a66fce10c93049a2a3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186dc3174ad9f21803148ff17b7bb6b3d775da8bbad831d9dd56c7d7cc32e5f8
1a9064f74f737966bf0fb51493c888362ecd57089e100798b6c6f3f6ac5e3873
1c2205593272633bfa6b25210a30b78e85a535f08ae47133968b9b53d4dd0af6
1d4b10089fb93b9f0eb103d51df83cb211fdbfa7f8be5ef53e7f91bc476e48fb
1d8fb69fea843974d057a4975364bafa55981c4611f179ae56db06f5801c73a3
1e8ca48ea3cb0c70aed0346f6c9510abf37d1b0db0c2b0c1911da2fd3201def9
1ec195eb79ac5b9455ec1070d834ecbb9b42148584da31539b4ed39b3d1c290d
21342b4ec946343a72b5ff3456369f2846966da8c400c3aaa2d9cc79ebe63e10
2150fe6edbb979d320d1adb145645e3d50aac3b87908ce597cc7692814428e8e
224581ff43afbd9949ba9fc161fc565053ef15f3e1aacde253bba928231ab5ff
2297085689ed504d87c55db7ed4cc3f43189f3da67518519e4f8c553c2d0b7e9
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
25cb52e9f970e689a29564b8727a93e10c31a723f707221a08e2bc343b450bc1
26d676e7bb5f89af2596c4340d93b8a832fd37e5ff04b5bc0f8753657bb0845a
2760782fb1e3c1e66ab5e51a5cc15cfbf6c261a067aabf61c6836cb645b0d318
28991dcc95ca25a24db2ba9e83a04e7e23620f17c3037fa13db9976d16dfe15a
28f25724d825997e6158eebe9c20019d923dfc8b0cb21729ccc82651830d458e
2a3ef68b510703213e66c456683412012b7b1c57e73ecaa102545f3b2c3a9ef2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adadf863dbc48be3d88face5c5e49a463bab5254d4607768737caa76936dc35
2b2e2c077d8eed77b8721414493cf1d515d2ab6167f29021fb7daf88f78471e4
2b3148f2405f845af8a474a223c7933af83728f51bd8738da6512435c714b7bd
2bea97cade95d292d8d504b1581bdc255ecdc6aa0433361bcc3e95a1062f3d06
2d0ddf66aa6bd54b388f0283cc65ba224d660af6f92525e47bb74a35813ab43e
2e20387329d37cd605e35c3513e9025cc8a029c24321b1f2946837bb101c2654
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
313d8c492305e7d75825232dd8fe15eee5239e87750d0e8ad596ef584c7c8a84
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
3535717ee13d738e711ced7574cacdf33baa4892fa8d3dc5315f5c11fc28fade
39e7f97482ae0d4ab6990d049c22c207d33578cbb81a52bc6aad349f8bbd6d46
3a217c24c9ae8e15f78df4ad388de9a7f1e82203eba57da769be2b3ce6929bd4
3a7a4d3334819d42546afef980db7d5fb63231ebe93969fad0f2d76ee9bc9951
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d85e24754bb6a5cb95cbb3c763e3d0c6ec2cc79826b4671f7fa6a848dca01fe
3eb88fa22dd347860068b42f6a2de6efffdcbf70b5543d1da691bdb086e27cdd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425296f280eb7021f265a738deb14065d81f62c39c6021e688045b64e2c81647
432d91dab896feecfa24f55a077c2e9a9f003e8a9b901590e7feedabb82a1b31
456b5d8084fd94245af134f227f296a9c2fc30d861a004091be4ea360bec241f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ffbc2699500a62322227a3593c7f13f17f9111733150e12fa0a78b0a5f2919
486e11fa6eca912d46f309fb4009cc83b0c9b59f142969a384e21cc6ba497914
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e7a0b2e1b714a5ea07baf16f2965c357c9ee8831a4e1a37f4bf10c3c614f2d
493dd214870b2cd65e4e9c36524fb469f675327287c93d80ad5b393df930dbb2
4b7c00aedbc798a40ca5ae8bdf3eec9e8b86ec784db3b44dfcc24263c51f873b
4c21c94b172942d124a1633b6410fc7c946878918276cf0d9dcb313e964ec477
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec6a66cb184bf80e384739b8e5840022c7181c168bb52b119576510de1e511f
4f47ecaa3aa4df505f824ac81a03f970675d8e39b38134187c5d1b5402af9cd4
4f7453f106e16ebd2a1f401961914ea54641b2984b7026eff8fa982dbd6d5acf
4ff2f16b4b5d0a7d8dc536209e04d61870f4216ab2c67fe26e31421911b79e22
512e367ce935ab13e1ad3c858fa660f3d3c344395cce03baa68248914c4f92d8
51cba45ddd3f0fd36ffac9228945b397967fc9f39bffd93ed71e13459dcc4158
52b0bf8c420dab9a1e8c7830ed45315555ae562e5858fb6c4bdcca37a41313d6
53ee67151fb8d76e53b63fca5db9aaff0eb74034560c269123725e0160e4b023
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54a703d3fc16d82becdd6ae53999d759d2c24fa184db4a66a0b8abea4403264f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
584cd879f2c998107e8255341c24a0d44c2713f77c25f32cfc32d533887e038b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a07bc65e91575c5571f6772c9c4e08b73734eae7e1c3bda7e46cf5624866c16
5acf02687bd67ce3baa13bef7b20b6868d587757bb829306fcc9088935b68bd2
5e92dbf33f873591778e56f66f81c66a54a25beb57e0467f37409874d7df7619
5f8ea63094c9a05f1507bc92e0b2ec74757823e87225a68db65b69c0861e173c
61c0aef02b0cbd10e7e5c83192e8760b43714dcd85ead1d38044abcc2c5f58bb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6383353070129c103b1a78f595ea41b2bbdb5b0c130e04d0076e29bb30ac8c92
657433b9a2988a392e27e63616b2ef926c89b3ebd9e876da41a61cfe66e0cf21
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668a309fb9b471bf698f106c018060845851d40063ffc1fdfc1802aee8d68d33
66d3679dbe3b988e5bcf3f96368c199d50c2af9b0269956f50efe12c4a2c3a41
685d6726f42019df2b04e9c0cec4065f2ab73ec46c9525bab29e59b1b7b07a97
694eeb141a66e129aa091e961b6a1dc33496e631b2248b307520b890fcc5348a
6a188f2d82f7e236acc21dc4d085f2657e31cbd4f74a7c7555b029d809a8effa
6ad111f524ff10be86c8a370f961a57c4930f78cdc09ee55257addf45d1ee78a
6c1ec3a17b70fd364702b74bc20cba6bc9f9ccdb89a87c75828f5bddf65f18d5
6c84b6ed7f29121bf3c2673c60bd88972f6e2e41efeb80a47a813bb44f89ae60
6d9751aa51126a5018b63433052703ef3e228c5f713b34ef46cd3310c1f0d736
6f84be775455787868ad4a43a45968fd26568cfec504c2df05f32ea23e839296
70edaaad87af534749bbad9a18b2a1acf0d851174dde1116bf91945aa5b34cf8
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72a928b4ea4c4e420dfd86e2c1c03608f6ecd18e5ce7c495d3d44e5228db3b19
731bd9dfff0848f33e103c5e4f61b050b172511476cb163ce5b1e831e7c5f748
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5
756f24ec1b1b699a93cbff59173224ec88dfa8834c10b5908d853198c210cff7
7748c982c0a1b855637f9751d39be5e51194d6c635ffd17666929adbe2c6fa20
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
77c01f5ca9348a1cd57c84817a726213023fd7f3f4b971a88dd2f21a5e070148
78667f6ff77d4290e9e91ec8b5c2314fd21b501ce00a75f8442a18bbca8ac515
791e5bfbc0398a556771d5d92961a9d16ee83762faf665a04acf6a37d422aa7a
793b93c248b6887ca180a244835ad5a07ca95d13432ab365408a56ac9164db42
794e2e3d154a35b23045dc4a054775cff072da54289cc5d8f9ab9048c04bf939
7c764db8675ea95c34aaead23bfc0515908851866250623a4cb8d8bfa61c0844
7eacbe83648fbdf206d76f7d6462ac4ae833ad288d52fb793bf7bbe0435ec3e5
815ef44d3a4af26de206885362b00e518b0ac6b61f9ef24156a70adf1a93e5f1
816266da52081c578190462a0f47ac6590fb5703ccf0b0a3e94f99d280e17e7d
8261173247fa7665b489d5ef6bc046cdacda791190d1726ea1bdd07ab5a7bf7b
829becc4367ae63fcfe8d4afd0361ac5d4c875c7e9dd21b3050998b6501f9031
82cce7485814c7d5b8ea1a731b02d43c7a1d5157c08b1a503575aa0e0a715537
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
833512d7323dfa598388f61ca00aa0a907c744c80490337f17407313d49fd001
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863b9a3ac41ec7038596665d92c272d161e015890426218d30a70764f27e84a8
87dcce3aa5456b245fe1fbc2eda7172d56dbee07265ee435753e3b62c2e4e693
89b65625b00d7825013feffc3f084321f85490a967b11a442d79d0ce44026c4a
8a5a1cdc0e98c01e8830bd44ff290c5e538c7bf7dfd2fa5b99e5cb922c1cf5d6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0fc7385ee9c33cf2549eb2b0e5edf52b15edc6bbabc29bd070402a620a3b97
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
90792953bb57a85dfaaa6f6f736b3a111d03288d5928f77a546264258d02a0f7
907bf3d289d6fd66e4a8a6db2a5525db13a9a0d2afd8f8c9509cad67afa93258
931d2a6a0b4b62f6c408c4d69166f12f9be5894f45fceb005402b86f9fa9cb26
93651ce10e5f07070ad1e0951655c9d6a6a67a1c0ef1837b047250eba0caa2ac
93b050f8e4409fa77e3fa92ef7d0286807f413033d2343837f2d984aedeed945
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9b8ad27f1376c0ca1de3808d2569b6cb82eb407180e2dfe00af025437cfb83c1
9bc493724fbc4c37c524b9bb01e40df75b7250e7e61e2424823305e301ed9d6b
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9c785b98650af3d7ea34fa239a4d873df9161f7dbba1c5fc3242c1a5acd72d93
9d033848687f1a92557e6bbecc498d8dc4a101a845b7a81cd229e731147062d3
9e31c0a95dbf796aa9c192f057f329e27788102a6a408120b3b9d7d416e64203
9e57842129693ef305179c4878b75f61addb7f5f38fdaec61bca28d7fa1a9057
9fb49348506571e1cae7fe87ee3d2ab4c79b64a042ca83250ba5049445a834fb
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a1da28e800518ff1302a3a67c4e4876910229c52554291a25b280dcd01d42ea6
a42e9a77a0916f9f3ec7d55244522228037732fb39ddf85c3caab7ff819a55d5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a57653de2a21c3adb1ed4e08683a0b3fa4505b634006dddfa11afe74182e36fc
a776afe2912e17ecbb37612670852711fbff04ac8d55b55e8c5da2b082f47b4f
a8c81ca946e75c7b205c96a00bb21e04f218ebb113d23ce4ee48b78f0af5316e
a904ca173f1009edb70523820e79724caa161f7c28dbaf01e6c2598007c68efc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00687b8ed69aac03a599a57e1790d4731b18794841e9c77aec9f4dbe8298073
b0df9c65c036f8e23b0e7997a449d11d16d51888359793fb92a1e057d51771c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1732bdb70b78d23d2b8f569e11a0fa9cfbe8c97f83b4d14c6187f48a7bcfbbc
b2d32c014f7117b5a6ba0e7312792ce00b84e7e411d5d9a34dd637118892ee6f
b43b80adaf1881a16d8e6e70663206b8c92d43fa3d7fe068a2ad0eb54bca9377
b4b753abd6e69de9bda9e29d5230d879d6b3ecebdf46555257a996dc7375a968
b5e2562f7fde7fdc20e3ac0df2a98e349b8d30a25b912f736f6c33ac917f5fbe
b76031234284d19d4e4c7a06c89247ba303c523486ef11c27fb5b9c2cb6521bb
b7b1e75a898f2a070072d0da5c7fe4b1644708d81ffee669f95eb4a30c5b74db
b9b40905a40871115de92e84f05c60bb4577638e04f51b5936baa24b455bb348
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb88d1f0ed131b5a64918e6fdb3c8e7c19a5b1ad7fdff62e327089a1637da170
bc8192261e3ce9c755d462eeafcb3fcd580b04653d7a8e90dda80bd4b420c64f
bcf64ef50f854244e04daae45feaf6f7f55eca9d3621a24c6556a95fd97b0be6
be3e21b39b3e65e5936264bef79dfdc2a42b6f3f275dafd499eb9563c259c30c
bf066d97235c38dc05865ed159254001e20acbe7d32ea853c7bd729d64c355a8
bf1b43ec28f50b5d5d69c8597cfa5da8c4b17c01be103a285fbda151e89d1d78
c07d109d2618b2a12c1d5e2bace1a9d974b32bbd852a5f09fdf5f146a713ded4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3bad9ef6cf93b3409f6bb90caa3b83d9d3f0ec600bc1a2aa79c42c9c91bc2fd
c3d84f21de2a111415c067bf82fa1581ab5ce8add19cafdfb61716b43bff31a9
c6280aed9264c06690cec2074cc6a93d266df0fdedb57f358215ae5ad822f9f3
c6982f7c46f20c0ffc1974c08d6804c4425f93002f4aae3f5efc069dbbcbc688
c6be857b91742850113f3609e1c7b445f52b2eefad82f51a45eee5f29e159381
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c9629c75fa8ab11b8f00e827fe48a0c658be9ec01e94502a7d534ff0800f253a
cd174f1c6dd7184fbd801146d2b8d082905bcd936b48a6b82a3089e341092179
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf64ef0890a56de667d6c81bfc3a27037cc19498b43653224f23d5f2907b0cee
d1b892aa1194eb8b1b4b4736479e68786fc31b977ddb667d07a65b3a454fcc85
d2d8a41675755d939804e3e363decdb7277191065873eee7ffaae995d9bd0e96
d2fc222d34e4ae202731449153fef4abe95d98e56f2e24349fc47f07c9d16bf5
d4e7148c2d7dfb59365594882aabc9ea3addf36f07c7bf870f5e2552cb2f6118
d51636c0143c9eb6ab8657b2ba6f72c39f516ed39d6404559d889c4b10a3e54a
d76b19dc706f711c217695fa2867f69396ffb8950a6406cf4a98cdd722ed650c
d781df45e8625d9fc0492596f81808ce6099507fdc31de428c364e40d6799fc3
d78a56b4032d865ca4c9cb5422da6dac5d900d3283db93a4c9ac0f74de42d56a
d859dddfada24cde4882360e4d17c29fac1361c08ae9c283a6d0c45fcc57fca4
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dd60a19c003cfd7697cf549e7defd622a78765daf0e10f5aec2c6e3f61a364d9
ddcfb3be6f435a2a7cd9b135f188470178599fcb9941e0ebfb320c7bef605841
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
df702d057a788c0510cc3c666d1a7d9e7cd40f4d10eec395f2bb5d8822fb4346
df77dfa7cc025d9c7b2f0409b18ca04f0078b42f1d6d3e9419cc44f2e602d3d9
df7d6f730a27d5c1aabd6f965fb3bfef8766a5c8d6dec46b88aa6c8b9633ea92
dfe964bd56c9b38868eb7572a38984a4e358d96bdab15a87b6be1bfe4f2a9d43
e0746d96fa606597d2e7152e2df6f261b4792fa59239a78bb15782779b66ebe9
e07cb29491f5b56a0d3700dd36d934fd4b304dde5f6df8020986500c0af0f72b
e0ce79bddd40e39c49bd609522f3788dac96be0b1a40279a6f573d0f6f53ed88
e16a89b0c6e8402b109c9c7a787a0fdac2c2f79e09ee0289f3a2e22d9e1661d6
e2f495d17d49dc491536a33fbb667060e573da39954a52eab110e43348e254e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c3388877fffd8ed5ecb5a92eb2b2f7a374a89112f60cf306ddbbc7447a894
e4d021284a3c9a0aa722c49db61768a76df22a12772567e4debe0c2410a89fa9
e66e2b318be1a27f7a136aed9763d416514183defd9ed6f069a8c34d50f376a5
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
eb2da47ba0d59b0d8510be33c0c858ed945dc71c395090b3b17fadf04b939ac7
eb53b746c82d2a140968a6b2e0ea19028a986124274a8ef3a47c21acc8981cae
ed2e886e3af8102449368cee1bb26958ba6cb461a8d4ca42526b46b88b00cfb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ab144efb12def335355d06e7da59e797903ff70478f61102b4f7c41ca49f9b
f1c0a48213a858198b64d4b311df3225b8f8efbf46515b766e6ae70beceaf911
f29d514beb07890b19ecd5af3e56fb3aa36508047e83df5397cde2e6f6ead2fe
f596af7b59d0f66f61e6be62bead77952224b2f7fff2aa95c6a3dc5c1f24d9c1
f6a311b5407c3dfb9cbb55a9dcde5eaeb1f6cf4cbd6684c5b47b9c0d4624e69d
f71b6ce0b6102f787a664a0ee1cfb8818d0f350d557f9cea92c6c0a5d11f8e21
f8062f2ea860289b4b1100abdc76d0a5d5172d1f01139020eca486f6e6365e99
f80755760a7307e17dfdcc0e9dba7d81e92a5a72dc864dc9a512199c2c4050d5
f9d23d2e1b821d93a251568000e5ff4223d39fdd60bcb49fbdb86fa44110436e
fdb5175c24a9f831d4923349ce1251526635318423b9614fb8043feb328d99b0
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff95c101ee772d9d4f4303430be064f655d83009bc048fea8bcb89833db810fa
ffff0fc34709b98f45dabec8ba97979b20603c20722afb3714bd705498412943

shellshock.io Open in urlscan Pro 2606:4700:20::681a:894 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

307 Requests

93 %HTTPS

42 %IPv6

54 Domains

95 Subdomains

83 IPs

8 Countries

33095 kBTransfer

107123 kBSize

39 Cookies

18 Outgoing links

Page URL History

Redirected requests

307 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shellshock.io Open in urlscan Pro
2606:4700:20::681a:894 Public Scan

Screenshot
Live screenshot

Full Image

307
Requests

93 %
HTTPS

42 %
IPv6

54
Domains

95
Subdomains

83
IPs

8
Countries

33095 kB
Transfer

107123 kB
Size

39
Cookies

307 HTTP transactions
0 data transactions