URL: https://shellgam3.com/
Submission: On October 08 via manual from GR

Summary

This website contacted 30 IPs in 7 countries across 25 domains to perform 226 HTTP transactions. The main IP is 192.0.78.25, located in San Francisco, United States and belongs to AUTOMATTIC - Automattic, Inc, US. The main domain is shellgam3.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 16th 2017. Valid for: 3 months.
This is the only time shellgam3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.0.78.25 2635 (AUTOMATTIC)
1 192.0.78.18 2635 (AUTOMATTIC)
14 192.0.77.32 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
1 12 130.211.49.211 15169 (GOOGLE)
5 178.250.2.74 44788 (ASN-CRITE...)
61 192.0.72.22 2635 (AUTOMATTIC)
14 14 35.187.83.163 15169 (GOOGLE)
1 1 154.59.122.51 174 (COGENT-174)
6 192.0.73.2 2635 (AUTOMATTIC)
5 199.96.57.6 13414 (TWITTER)
1 151.101.112.129 54113 (FASTLY)
4 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.93 44788 (ASN-CRITE...)
2 35.190.40.172 15169 (GOOGLE)
2 54.76.253.20 16509 (AMAZON-02)
17 35.187.37.134 15169 (GOOGLE)
2 2 130.211.101.233 15169 (GOOGLE)
10 178.250.2.71 44788 (ASN-CRITE...)
2 2 136.243.15.176 24940 (HETZNER-AS)
1 2606:2800:234... 15133 (EDGECAST)
4 104.244.42.136 13414 (TWITTER)
6 6 35.189.237.203 15169 (GOOGLE)
2 2 148.251.237.106 24940 (HETZNER-AS)
2 2 35.190.74.53 15169 (GOOGLE)
8 178.250.2.66 44788 (ASN-CRITE...)
2 2 37.157.6.253 198622 (ADFORM)
1 1 35.187.60.88 15169 (GOOGLE)
2 2 146.148.8.25 15169 (GOOGLE)
1 1 193.0.160.207 54312 (ROCKETFUEL)
1 1 185.19.219.27 29066 (VELIANET-...)
2 34.251.210.91 16509 (AMAZON-02)
2 95.154.251.148 20860 (IOMART-AS)
2 95.154.251.126 20860 (IOMART-AS)
1 1 54.93.149.237 16509 (AMAZON-02)
28 2606:2800:134... 15133 (EDGECAST)
3 104.244.46.231 13414 (TWITTER)
3 95.154.251.147 20860 (IOMART-AS)
2 95.154.251.171 20860 (IOMART-AS)
1 95.154.251.156 20860 (IOMART-AS)
226 30
Domain Requested by
61 infosec584.files.wordpress.com shellgam3.com
29 s.pubmine.com 1 redirects shellgam3.com
s.pubmine.com
25 pbs.twimg.com shellgam3.com
21 x.bidswitch.net 21 redirects
10 cas.criteo.com static.criteo.net
8 delivery.g.switchadhub.com shellgam3.com
8 cat.nl.eu.criteo.com shellgam3.com
7 s1.wp.com shellgam3.com
5 platform.twitter.com shellgam3.com
s1.wp.com
platform.twitter.com
5 static.criteo.net shellgam3.com
4 syndication.twitter.com shellgam3.com
platform.twitter.com
4 fonts.gstatic.com shellgam3.com
4 s2.wp.com shellgam3.com
3 ton.twimg.com platform.twitter.com
shellgam3.com
3 abs.twimg.com shellgam3.com
3 pixel.wp.com shellgam3.com
3 0.gravatar.com shellgam3.com
s1.wp.com
3 fonts.googleapis.com shellgam3.com
3 s0.wp.com shellgam3.com
2 images.g.switchadhub.com shellgam3.com
2 t.skimresources.com s.skimresources.com
2 a.volvelle.tech 2 redirects
2 c1.adform.net shellgam3.com
2 pix.impdesk.com 2 redirects
2 sync.upravel.com 2 redirects
2 sync-eu.exe.bid 2 redirects
2 r.254a.com 2 redirects
2 p.skimresources.com shellgam3.com
2 r.skimresources.com s.skimresources.com
2 ssl.google-analytics.com shellgam3.com
2 1.gravatar.com shellgam3.com
1 pm.w55c.net 1 redirects
1 ws1.rqtrk.eu 1 redirects
1 p.rfihub.com 1 redirects
1 cdn.syndication.twimg.com platform.twitter.com
1 bidder.criteo.com static.criteo.net
1 stats.wp.com shellgam3.com
1 s.skimresources.com shellgam3.com
1 2.gravatar.com shellgam3.com
1 acuityplatform.com 1 redirects
1 r-login.wordpress.com shellgam3.com
1 shellgam3.com
0 delivery.swid.switchadhub.com Failed shellgam3.com
226 43
Subject | Issuer | Validity | Valid for
tls.automattic.com | Let's Encrypt Authority X3 | 2017-08-16 - 2017-11-14 | 3 months
*.wordpress.com | Go Daddy Secure Certificate Authority - G2 | 2015-09-06 - 2018-10-14 | 3 years
*.wp.com | Go Daddy Secure Certificate Authority - G2 | 2015-04-22 - 2018-05-11 | 3 years
*.googleapis.com | Google Internet Authority G2 | 2017-09-26 - 2017-12-19 | 3 months
*.pubmine.com | Go Daddy Secure Certificate Authority - G2 | 2014-12-08 - 2017-12-08 | 3 years
*.criteo.net | Symantec Class 3 Secure Server CA - G4 | 2017-01-10 - 2018-04-11 | a year
*.files.wordpress.com | Go Daddy Secure Certificate Authority - G2 | 2016-01-16 - 2019-02-23 | 3 years
*.gravatar.com | Go Daddy Secure Certificate Authority - G2 | 2015-09-05 - 2018-10-14 | 3 years
platform.twitter.com | DigiCert SHA2 High Assurance Server CA | 2017-04-04 - 2018-05-25 | a year
a.ssl.fastly.net | DigiCert SHA2 High Assurance Server CA | 2014-12-08 - 2018-02-06 | 3 years
*.google-analytics.com | Google Internet Authority G2 | 2017-09-26 - 2017-12-19 | 3 months
*.google.com | Google Internet Authority G2 | 2017-09-26 - 2017-12-19 | 3 months
*.criteo.com | Symantec Class 3 Secure Server CA - G4 | 2015-10-13 - 2018-01-26 | 2 years
*.skimresources.com | DigiCert SHA2 Secure Server CA | 2015-09-15 - 2018-09-19 | 3 years
*.twvid.com | DigiCert SHA2 High Assurance Server CA | 2016-08-04 - 2019-10-02 | 3 years
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2015-07-30 - 2018-08-03 | 3 years
*.nl.eu.criteo.com | Symantec Class 3 Secure Server CA - G4 | 2016-09-23 - 2017-12-23 | a year
*.g.switchadhub.com | Gandi Standard SSL CA 2 | 2016-10-24 - 2017-10-26 | a year
*.twimg.com | DigiCert SHA2 Secure Server CA | 2016-11-28 - 2017-12-06 | a year

This page contains 35 frames:

Primary Page: https://shellgam3.com/
Frame ID: 5174.1
Requests: 133 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fshellgam3.com
Frame ID: 5174.2
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fshellgam3.com
Frame ID: 5174.3
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 5174.4
Requests: 14 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 5174.5
Requests: 14 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.8
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=QZJk83x2WTlxbnVzSGpJMFhiSXd0L2RnbXFodldld1VHSXFCU3FpQnk5YnpYRmFlYStZTThDaTBKSjV2WTZkcFBSRDFLK2pHT2k1bmFoa2RjY3VjbDMvWExpdzVKQSthNFZtZ0U0OWQrWGF5YWVYL0xRQVpUZWVVOXRhdjVKVnh2bFFwMmNEbTBPVWd0Tmp2T0Z3RVJlSGNNNVN4UFY2QWpVK3lTajVOWEFtZlN5N0o0d09tMVE0NnlJVVRlQnVnNmN5dEhWVUpuYlJkYTlPeHRLSEpsSHlKUlMwYzQ1NDIrYk03MTFRYmF4aTMzdUhuQko1TVA5dmtrZDlVL3c3RnRTWE5kfA%3D%3D
Frame ID: 5174.7
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.10
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=po0bVnx2WTlxbnVzSGpJMFhiSXd0L2RnbXFodldld1VHSXFCU3FpQnk5YnpYRmFkbnFwNmorV0dEaHM2ZXltSlorUFljcUlkMks2RTBFWFZ1UXR4NjBtLzkycnlySE04NkwrcG9YYmxKVXozQUhPRC9QMzROUDdmQjRmSHZZYzlIenFxZEc0NnU1NmZNTTdEd3lxVWpSanFRS2kvQTlab2VBdlRCVWVrT1hKZnZIR1lmT3BDeE5PZHpmR1dWdkxRMFFVMzkxNXBybWlLVEtDRDJXYmVRZXN6YTVTMFg3L1UvM24veEoxcHMvNFk2R1N3bFhtdzJKVmJCWFNNdEptaHYzU1FpfA%3D%3D
Frame ID: 5174.9
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.12
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=b3MD8XxQMjZXTlUyMnVZaklQVGF1b3ArOVVnczBPNFcySS9YZnRKNHVzWHRUaGxuMlBuNVNFbEw2d3dEZ2d6aDZOSkh5a0hScU1pS0lzelk1Vkc5OTNleWVDaHk0T2dWbjg2YzBNQ1ZOR3A5R2hZZUxNOUtQZG9ZMzZLazFaMU03ZXpnWkhLdEVGKzRoUUNERCszU3lWNGg2Si9ITi96NEN2QTJMcTRQZEJTOVdFN3RJSUcxRUUwU2g0eG1jZERvM0VrYTY3eWxJdVFsdFpQZkxTZ28xeDc5NGtxZDZaVDV4ZVJoZzFMQUg1cVFacDU3WStqV0dJV1ZPVmY0RmJxOEsvalFOfA%3D%3D
Frame ID: 5174.11
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.14
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=HNTonXxQMjZXTlUyMnVZaklQVGF1b3ArOVVnczBPNFcySS9YZnRKNHVzWHRUaGxrRW5Zay9ud0VhOWVwZ0EvUFBCeHBtNWtTRjdiUDg0SDVFZVlaZ0lrVmNwSlBQRXc3aWNNNW90QlNGZVovUU1vUW45c2VpNUZYVSt4VlZBWGhpTW1vQU1MVk9oRWJ6ZXo2anpGb2FiajlBU291R2JJeFdrTEw3K2MzQWg4eGVCQlo3bUM1NUsrNTJCUG9odlIzaVowRkptUHVLcTJwd0xVd01SMEZYdXpzUy9VdmwxVXVZeEd2K3Z5RFBBcm9ZUC9HdVVVMzErTXFLT25FL29ISWdZYlozfA%3D%3D
Frame ID: 5174.13
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.16
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=zhe49Xw1YVlZcGx6bS9hOUgrZmk1bFZEak82a1JPWWJlOUwrODZrUFZjM2V0enVOUXpRaWhnMnlDbnhKa1o0QTR4WFBmM1lwVWVrdk11d1NNb3JhR2VSdnlSbGcwV1BkT1A1TCtnWmFnMDJzMlpYdUpCUlNZMG1QNHIwd0dhK2ZqVU5OdkVrTWMvb1ZodldqVFh2S0t6ZkNObTZiVHd2elY3UnJTN2c0Q25sTS9vUUJNN3Z3VGdVQTFGLzEvZXVZZDlkKzlQaUVSZjlhVW93OE1oMWxvZUF6c3RBeGRKL3BZQndLU202ZW9HOWlMQVJpTDRUV05rM3B3WDRIcDczOW1pSThzfA%3D%3D
Frame ID: 5174.15
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.18
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=LJMhn3w1YVlZcGx6bS9hOUgrZmk1bFZEak82a1JPWWJlOUwrODZrUFZjM2V0enVQTGFhbDRoUFN5LytpQXZ4eGpnS2d5SmZYZysxTHBuTFlCQmkzaU9YRmZkWWlYT3NyK2dvd1NwTjdiSktxbDdjdHNGQml0cW5EVy9sWkkyTzUrT2s2NHBFdzVuSUpHc2paUDI3aVMrRnRUOTlYVFJIYnNoZnpJMTdsWkhqWVAveVdXRXN5UldEQzErZ3ViTFhCM2xZc3FFb29pdy9hZGk3N0doMS8vTHFSa2o2VE11c0JSWEV3WTJYUnZoOGw5Y0JqRmJqRVRZaW1HMGs2WFlBbGFVcDNwfA%3D%3D
Frame ID: 5174.17
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.20
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=0KBylXxSemNMalRmeTNyWm41R2pHU0JUamoydWIvUUhrRnkzMFRseHNDSHcxUzZwMnRvN0xzOEJmK2kwTGU5aW9YRG8zeDFjUnFrYlMyWlhMSm9WcGkwUkhVSXZGOWpnSlZQWnB0WTc4SUFYK1NjVFdVbzV3Y0RKMGJ3ZWVYTUJBZXZ2UXMydUhVUENVQ2lLaEM4SEErcXhXZnpEV1lnRkIzSGtJYlE4cFFPb1o5RXVQNmdYVUIzMUM1NW53emdZazF4azA5VCtxN2o1RnE0cEFNWGVZZ1oyV25VT3o0cTdhYnhIRVZIZHQ4ZHJFbzBXcXdpZjJmSDA1azYvb2lxb1VvUkxZfA%3D%3D
Frame ID: 5174.19
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.22
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=g%2B9uBnxSemNMalRmeTNyWm41R2pHU0JUamoydWIvUUhrRnkzMFRseHNDSHcxUzZyQ3ltcUxxT2w5dW1HUmoybG5FWGlmd1MvSVg5elhYNXZ0dEMwR1JKRU9ZN3V0Tllyc3VpeE1MaHNHL2tYckxqS1FrcXFHMHdRbjNMN1V1VllmMS9KYll0SzRrOEtQYnZPemRkdjBXUi9qbUFOVTBrS1haOUFuNjl1TWI1WGNlODN4Y1EzU0RPZmcyUjhWNmJyM1ZKbjloS2V3SDArUFhDY21rY0t1anRReHA3T1JXeVhucjZMWGoybit3ZVJUdnkrVzJ1T2JER01mamhQRUVRVitiSjAyfA%3D%3D
Frame ID: 5174.21
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.24
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=toxn9nx2cWp3WG8rS2ZYazhzM0xrZUVYR2dJNXJ1ZGxhRnNuU2RMeVJlYVFtd2diNDA5c1BScEkvMitNb2dzaWNDRVZSbDBMSTRvT2poeTRZRHpWbCs1Vm8wUEY4dTBqeFNNSU1FdEZib215cDFPNDlEZGVkcEhCbHgvcDhXU1lqdDBGY2MrZjZlZ1lvN2xLYmFlUkhGK1dELzUwem1VVDhEUHUzUGtPSG5jbGhuVnk3OTlHek95QVNjYWhlMkZ5c2lRaUxyNlNCOUpHYjRKSkptaVFic1Z4TkQ3cGVFdGYwMGxtdXkvT0xIb3ArNndXZldabm5jODVsSEZxenlndXFwOG1ifA%3D%3D
Frame ID: 5174.23
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/passback.html
Frame ID: 5174.26
Requests: 1 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=dxBDznx2cWp3WG8rS2ZYazhzM0xrZUVYR2dJNXJ1ZGxhRnNuU2RMeVJlYVFtd2daT1lFcWY1Nk44Q1FWOEF1VytqMlI2eTRzdjdGSmdtV3QyY2F2UUI3S1MrdU5FL0N5c0Jwc011MlRMR2FjSWF0UzEyZUZBZm13RnhpRkY2L3Z6bUJvbGdvYk5QTG5oWERCQkVNMExKUTM4clc0bllXNDgrZGZJVVFIeUVRTGZXVXNwcDJOSG0wT2JWZzdMSzJCQld2ODJTSnNpVm8xN05yeWtPeVJxdC83cmJPKzU3UmxuVTVMSlJGMWNNN3IwVmV3MmxwZ0tmVW1uZVljeUhYQlBRaE1SfA%3D%3D
Frame ID: 5174.25
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f643.png
Frame ID: 5174.6
Requests: 37 HTTP requests in this frame

Frame: https://delivery.g.switchadhub.com/adserver/meta_web.php?zone_id=984&instance_id=0
Frame ID: 5174.33
Requests: 1 HTTP requests in this frame

Frame: https://delivery.g.switchadhub.com/adserver/meta_web.php?zone_id=984&instance_id=0
Frame ID: 5174.35
Requests: 1 HTTP requests in this frame

Frame: https://delivery.g.switchadhub.com/adserver/sat.js
Frame ID: 5174.39
Requests: 3 HTTP requests in this frame

Frame: https://delivery.g.switchadhub.com/adserver/sat.js
Frame ID: 5174.40
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 5174.41
Requests: 1 HTTP requests in this frame

Frame: https://images.g.switchadhub.com/adserver/www/images/wp300.jpg
Frame ID: 5174.42
Requests: 1 HTTP requests in this frame

Frame: https://delivery.swid.switchadhub.com/adserver/user_sync.php?do[sync]=1
Frame ID: 5174.43
Requests: 1 HTTP requests in this frame

Frame: https://images.g.switchadhub.com/adserver/www/images/wp300.jpg
Frame ID: 5174.44
Requests: 1 HTTP requests in this frame

Frame: https://delivery.swid.switchadhub.com/adserver/user_sync.php?do[sync]=1
Frame ID: 5174.45
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

Requests: 226
HTTPS: 91 %
IPv6: 12 %
Domains: 25
Subdomains: 43
IPs: 30
Countries: 7
Transfer: 5765 kB
Size: 7546 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://s.pubmine.com/push_sync?bidder_id=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=wordpress HTTP 302
  • https://acuityplatform.com/Adserver/bswds?bsw_uid=${UID}&bidswitch_ssp_id=wordpress HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=299487647971&expires=30&user_group=1&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 117
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://r.254a.com/bsw_match?bidswitch_ssp_id=wordpress HTTP 302
  • https://r.254a.com/ul_cb/bsw_match?bidswitch_ssp_id=wordpress HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=6&user_id=636695d3-fc49-4cd1-8ab2-12335230f5a9&user_group=1&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 122
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://sync-eu.exe.bid/bidswitch/sync?sub1=wordpress HTTP 302
  • https://sync-eu.exe.bid/bidswitch/sync?sub1=wordpress&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zaGVsbGdhbTMuY29tLyJdfX0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=140&user_id=24175d92-09cd-416f-8047-c8b3d1fa9bb8&expires=14&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 131
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://sync.upravel.com/bidswitch/sync?sub1=wordpress HTTP 302
  • https://sync.upravel.com/bidswitch/sync?sub1=wordpress&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zaGVsbGdhbTMuY29tLyJdfX0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=310&user_id=13a212f5-c47a-496d-ac05-e0bc26759083&expires=30&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 134
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://pix.impdesk.com/csync/bidswitch?bidswitch_ssp_id=wordpress HTTP 302
  • https://pix.impdesk.com/csync/bidswitch?_cc=1&bidswitch_ssp_id=wordpress HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=25&expires=30&user_id=59da2c3721821b000fa28903&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 141
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=wordpress
Request Chain 144
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=wordpress HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=wordpress HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7911423862854385862&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 153
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=1c5f968f-c4fc-4b78-a977-abfb3600acd3&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=wordpress HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=639863001597420005&expires=30&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 163
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://ws1.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=wordpress&g=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=wordpress HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dwordpress HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=ralxRZsu1E1bUz5&expires=30&ssp=wordpress HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Request Chain 222
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

226 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shellgam3.com/
185 KB
33 KB
Document
General
Full URL
https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e00a667fe4cad234d71296391e0d215e3e7dce81c2ba22b06e3b4eddc3e275bf
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

:path
/
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
shellgam3.com
:scheme
https
:method
GET
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Sun, 08 Oct 2017 13:46:29 GMT
server
nginx
vary
Accept-Encoding Cookie
strict-transport-security
max-age=86400
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=300, must-revalidate
x-nananana
Batcache
x-ac
3.fra _dfw
link
<http://wp.me/7eoET>; rel=shortlink
remote-login.php
r-login.wordpress.com/
0
0
Script
General
Full URL
https://r-login.wordpress.com/remote-login.php?action=js&host=shellgam3.com&id=106865735&t=1507470389&back=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.78.18 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/remote-login.php?action=js&host=shellgam3.com&id=106865735&t=1507470389&back=https%3A%2F%2Fshellgam3.com%2F
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
r-login.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

status
200
date
Sun, 08 Oct 2017 13:46:30 GMT
server
nginx
content-length
0
vary
Cookie
content-type
text/javascript
/
s0.wp.com/_static/
12 KB
4 KB
Stylesheet
General
Full URL
https://s0.wp.com/_static/??-eJyNkNEOgjAMRX/IuaAE9cH4LduoUFi3hQ4Jf+/AqImaxZembc7tbSunIIx3EVyUNIpgxwYdyykYT4IJLcwf1dYwb+RvmcUeWHYQgzK9WKsvXFvfvH38UKuaZWO9VvY/Fmp04rbL7YHuig7j/EpysPEDpD4FFReC0nwFFihhORmF6qla0jZdnP3N44lahwGYRYqEI4nYJqNVd6FzUR4P+6ooT2V3B5eNmKA=
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
68077704463d37059a0002a569d4d887b4906a12bd5d6ea91ba81ca8bf73f3f4

Request headers

:path
/_static/??-eJyNkNEOgjAMRX/IuaAE9cH4LduoUFi3hQ4Jf+/AqImaxZembc7tbSunIIx3EVyUNIpgxwYdyykYT4IJLcwf1dYwb+RvmcUeWHYQgzK9WKsvXFvfvH38UKuaZWO9VvY/Fmp04rbL7YHuig7j/EpysPEDpD4FFReC0nwFFihhORmF6qla0jZdnP3N44lahwGYRYqEI4nYJqNVd6FzUR4P+6ooT2V3B5eNmKA=
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
s0.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Fri, 17 Feb 2017 19:58:21 GMT
server
nginx
etag
W/"58a755dd-30ac"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:47:00 GMT
css
fonts.googleapis.com/
978 B
379 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
9fa2b914492a2605d74904be1ff2b7325276f59fe28519e06d05f3845e1c9ff0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
x-xss-protection
1; mode=block
expires
Sun, 08 Oct 2017 13:46:30 GMT
css
fonts.googleapis.com/
1015 B
407 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
edcddb9f0b4dfadef5e0af2e9c719fe0006bfbbd17e081e6a6b61a4f67f6637a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
x-xss-protection
1; mode=block
expires
Sun, 08 Oct 2017 13:46:30 GMT
css
fonts.googleapis.com/
223 B
213 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Mono&subset=latin%2Clatin-ext
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
0d9dc6fba71965d00ad1b27795c1ffbb8d97ff88f20d6758f4b05f77b602de15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=PT+Mono&subset=latin%2Clatin-ext
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
x-xss-protection
1; mode=block
expires
Sun, 08 Oct 2017 13:46:30 GMT
/
s2.wp.com/_static/
162 KB
54 KB
Stylesheet
General
Full URL
https://s2.wp.com/_static/??-eJyVkN0KwjAMhV/IGn/xSnyWrstqpG3KmjF8e6NjOBUnQi/OSb/THAp9No6TYBKQM0YskLsKsKYEjc4fSoGlK2UBEzh2JofOUyrgMWFLevFFfmTfFxW5BvxJaY+BNH12HOca9VR7lAKFHdlghkJT80c46nI7PvEsSpBYhuko5v+ITWBnhTi9GNMES+1ctMUqsFfpQamJvYdO8bjerw5bPbvN5QY2wa05
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2cc36325d084916070e1ccd243aa555bf19f82b72057d0a4a0e56f78eef9c396

Request headers

:path
/_static/??-eJyVkN0KwjAMhV/IGn/xSnyWrstqpG3KmjF8e6NjOBUnQi/OSb/THAp9No6TYBKQM0YskLsKsKYEjc4fSoGlK2UBEzh2JofOUyrgMWFLevFFfmTfFxW5BvxJaY+BNH12HOca9VR7lAKFHdlghkJT80c46nI7PvEsSpBYhuko5v+ITWBnhTi9GNMES+1ctMUqsFfpQamJvYdO8bjerw5bPbvN5QY2wa05
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
s2.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Fri, 06 Oct 2017 16:29:05 GMT
server
nginx
etag
W/"59d7af51-28798"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Sat, 06 Oct 2018 16:30:54 GMT
/
s2.wp.com/_static/
14 KB
3 KB
Stylesheet
General
Full URL
https://s2.wp.com/_static/??/wp-content/mu-plugins/actionbar/actionbar.css,/wp-content/themes/h4/global.css?m=1490786585j
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
353ecc807854a9e20508bc6da4c3e21bf818e8f8349325f9dc674e35ab1f08fc

Request headers

:path
/_static/??/wp-content/mu-plugins/actionbar/actionbar.css,/wp-content/themes/h4/global.css?m=1490786585j
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
s2.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2017 11:23:13 GMT
server
nginx
etag
W/"58db9921-384a"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
/
s1.wp.com/_static/
168 KB
53 KB
Script
General
Full URL
https://s1.wp.com/_static/??-eJyF0G0KwjAMBuAL2dXJxP0Rz1Lr60hdP2zaDT29FSYiVIVAIHkISeQcBDk95hNYmhLXjHhbUmN4JX8BYWmIKqGx5F5Ye5fg0tNaf6QRIjOiGkqtDDr7iguekwVzQZXu50rkJsL8lxmkoPRFRDDdUTuEw3vn7x9Y1MHu267fbfp2263NA675cvs=
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8ef56295398484453fb3394b4043049dd2276352d45f4c582fce21b675cb3ee2

Request headers

:path
/_static/??-eJyF0G0KwjAMBuAL2dXJxP0Rz1Lr60hdP2zaDT29FSYiVIVAIHkISeQcBDk95hNYmhLXjHhbUmN4JX8BYWmIKqGx5F5Ye5fg0tNaf6QRIjOiGkqtDDr7iguekwVzQZXu50rkJsL8lxmkoPRFRDDdUTuEw3vn7x9Y1MHu267fbfp2263NA675cvs=
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
s1.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2017 21:47:58 GMT
server
nginx
etag
W/"58a61e0e-2a1f4"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
style.css
s1.wp.com/wp-content/mu-plugins/highlander-comments/
20 KB
4 KB
Stylesheet
General
Full URL
https://s1.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1377793621h
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ebb712ab09629f6c76116536d644bebeadc843199e9763b0bdf25dafd8382e7d

Request headers

:path
/wp-content/mu-plugins/highlander-comments/style.css?m=1377793621h
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
s1.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
nginx
etag
W/"57391252-637d"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
Cookie set head.js
s.pubmine.com/
153 KB
60 KB
Script
General
Full URL
https://s.pubmine.com/head.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
f19051df26a0d10922eb00de7856bc219f1430157c620b9b10fa93082e3e0e3e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2017 14:24:24 GMT
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=3600
Set-Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; path=/; expires=Tue, 08-Oct-2019 13:46:30 GMT tuuid_last_update=1507470390; path=/; expires=Tue, 08-Oct-2019 13:46:30 GMT
Content-Type
application/javascript
publishertag.js
static.criteo.net/js/ld/
59 KB
17 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
static.criteo.net
Software
nginx /
Resource Hash
f54d8981534c25d7d2abe7180267560de52b05985fa0ba027f550161dc59dd51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.criteo.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
W/"59d37d13-ed54"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400 public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Mon, 09 Oct 2017 13:46:30 GMT
cropped-black-background-code-hacking-javascript-multicolor-2543834-1358x826-cropped.jpg
infosec584.files.wordpress.com/2016/07/
87 KB
87 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/cropped-black-background-code-hacking-javascript-multicolor-2543834-1358x826-cropped.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
13c54e14dd6484efa5183c3463361ea4ad50fb0830b2a2a927ffc309de026aa9

Request headers

:path
/2016/07/cropped-black-background-code-hacking-javascript-multicolor-2543834-1358x826-cropped.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sun, 17 Jul 2016 23:17:56 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
88961
expires
Mon, 30 Oct 2017 09:44:40 GMT
intelamtvulnerability_1218704.jpg
infosec584.files.wordpress.com/2017/06/
21 KB
21 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/intelamtvulnerability_1218704.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
b385db8c3e8a12dcb58e1ac24dde8882b207e634414ef3a22be6618a6261c090

Request headers

:path
/2017/06/intelamtvulnerability_1218704.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:19:14 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
21438
expires
Thu, 09 Nov 2017 07:27:29 GMT
capture1.png
infosec584.files.wordpress.com/2017/06/
172 KB
172 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/capture1.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
119eb5c4019d59b18651cb7ec1d25a35433f24c6757a445b88571f045baf4006

Request headers

:path
/2017/06/capture1.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:01:58 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
175806
expires
Sun, 29 Oct 2017 14:55:28 GMT
capture-2.png
infosec584.files.wordpress.com/2017/06/
41 KB
41 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/capture-2.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
87e71766cdef61d871279128579f493c29d289f2b676068721eea34c8485b245

Request headers

:path
/2017/06/capture-2.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:01:49 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
42016
expires
Wed, 01 Nov 2017 04:25:23 GMT
capture3.png
infosec584.files.wordpress.com/2017/06/
209 KB
210 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/capture3.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e21a78c956d1e720fa05c198498f217dbb98fe15394f182e1008a13c0cc6fd4f

Request headers

:path
/2017/06/capture3.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:02:02 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
214486
expires
Thu, 02 Nov 2017 20:31:57 GMT
capture-4.png
infosec584.files.wordpress.com/2017/06/
42 KB
42 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/capture-4.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
a4f5131506a633f7cdbd925cdc1c71c9a4a2f06531330566454773273c341d4a

Request headers

:path
/2017/06/capture-4.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:01:51 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
43052
expires
Sat, 04 Nov 2017 04:06:43 GMT
capture-5.png
infosec584.files.wordpress.com/2017/06/
44 KB
44 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/capture-5.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
389dff87b22a9477895b49b48f56b25cd8b2e23703c8bb391487598d0928adcd

Request headers

:path
/2017/06/capture-5.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:01:53 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
44807
expires
Thu, 26 Oct 2017 02:08:55 GMT
capture-6.png
infosec584.files.wordpress.com/2017/06/
21 KB
21 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/capture-6.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
7096f0e356b32f20ab2c7bf3aec0624733c9e4e77327b6cf69a1b04a6719d7ed

Request headers

:path
/2017/06/capture-6.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:01:54 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
21233
expires
Mon, 13 Nov 2017 15:01:31 GMT
capture-7.png
infosec584.files.wordpress.com/2017/06/
69 KB
69 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/06/capture-7.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
6dfee18f331f7b0458db50064d57b24bfc694537bd83ae693f547e7308319cce

Request headers

:path
/2017/06/capture-7.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Fri, 02 Jun 2017 15:01:56 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
70329
expires
Sat, 04 Nov 2017 05:00:09 GMT
sql-server.png
infosec584.files.wordpress.com/2017/05/
38 KB
38 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/sql-server.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
b88ef88888a5e304169761f29af2892cf170297e48a2745c407330575162df57

Request headers

:path
/2017/05/sql-server.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 20:42:26 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/png
status
200
accept-ranges
bytes
content-length
38802
expires
Fri, 10 Nov 2017 13:47:17 GMT
capture1.png
infosec584.files.wordpress.com/2017/05/
166 KB
166 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/capture1.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
5d2d710d1778a38f7dd6bfa27b253f32b80377605a942d406e52d6a0cae3df54

Request headers

:path
/2017/05/capture1.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 19:24:25 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
169940
expires
Sat, 04 Nov 2017 13:06:52 GMT
capture2.png
infosec584.files.wordpress.com/2017/05/
17 KB
17 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/capture2.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
ed75b506b1bd69ad2b489104965a911ecbbdd30fcfaa35d05963cbad58a6fd66

Request headers

:path
/2017/05/capture2.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 19:28:35 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
17298
expires
Sat, 28 Oct 2017 19:17:32 GMT
capture3.png
infosec584.files.wordpress.com/2017/05/
156 KB
156 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/capture3.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
3ae4faa1046b62a5301b59ede742fabeba4a1b825fdb5a4d3ac1280796b8161e

Request headers

:path
/2017/05/capture3.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 19:34:21 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
159402
expires
Thu, 09 Nov 2017 15:36:29 GMT
capture4.png
infosec584.files.wordpress.com/2017/05/
51 KB
52 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/capture4.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
0fe6f79ac2f97a652ba67581894ea266f73be0153ae316b37dc0e10d49da57ed

Request headers

:path
/2017/05/capture4.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 19:37:57 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
52722
expires
Wed, 08 Nov 2017 00:52:23 GMT
capture-7.png
infosec584.files.wordpress.com/2017/05/
23 KB
23 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/capture-7.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
b054bf1eb2dfd78fef6679ceedc86af28a81d0f8d0b74030af4e375ff16f3dc2

Request headers

:path
/2017/05/capture-7.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 20:00:42 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
23130
expires
Thu, 02 Nov 2017 06:58:56 GMT
capture61.png
infosec584.files.wordpress.com/2017/05/
44 KB
44 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/capture61.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
15f67c17db3d5616cfa54580753390874c778e3733cee46cf0e3d0bea2b31c06

Request headers

:path
/2017/05/capture61.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 20:05:17 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
44663
expires
Tue, 14 Nov 2017 09:40:07 GMT
capture-8.png
infosec584.files.wordpress.com/2017/05/
42 KB
42 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/05/capture-8.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
903b7e2441eaa650a66704d3c7dadaeffa3b2483de92888350440d4566d64a3f

Request headers

:path
/2017/05/capture-8.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Sat, 13 May 2017 20:10:30 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
42525
expires
Thu, 09 Nov 2017 18:31:12 GMT
skull.jpg
infosec584.files.wordpress.com/2017/04/
26 KB
26 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/skull.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
092b611e223ebc84e87bf5421811fcd15624e22b1c0e811f906593b7f76a5ee7

Request headers

:path
/2017/04/skull.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 19:34:35 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
27010
expires
Tue, 14 Nov 2017 16:50:41 GMT
wp-emoji-release.min.js
s0.wp.com/wp-includes/js/
12 KB
4 KB
Script
General
Full URL
https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1505864856h&ver=4.8.2
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?m=1505864856h&ver=4.8.2
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
s0.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
nginx
etag
W/"59c1acfd-2e8b"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Wed, 19 Sep 2018 23:49:21 GMT
global-print.css
s0.wp.com/wp-content/mu-plugins/global-print/
5 KB
2 KB
Stylesheet
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/global-print/global-print.css?m=1465851035h
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7d08e9159f7d2bf0835085cbd1ffb0252b0e11de45ed07db4447f8e63f181dbf

Request headers

:path
/wp-content/mu-plugins/global-print/global-print.css?m=1465851035h
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
s0.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
nginx
etag
W/"575f1ca1-1f6c"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
hbconf
s.pubmine.com/
78 B
102 B
Script
General
Full URL
https://s.pubmine.com/hbconf?v=1.16.2&callbackPubmine=_callbacks____0j8isy5kb
Requested by
Host: s.pubmine.com
URL: https://s.pubmine.com/head.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
6344c75287c213a718b34deeb0c4c2207402ae262c6d39c18ad0f057c40f8de5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/
Redirect Chain
  • https://s.pubmine.com/push_sync?bidder_id=1
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://x.bidswitch.net/ul_cb/sync?ssp=wordpress
  • https://acuityplatform.com/Adserver/bswds?bsw_uid=${UID}&bidswitch_ssp_id=wordpress
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=299487647971&expires=30&user_group=1&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390; us=!14,308249191
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
veil1.png
infosec584.files.wordpress.com/2017/04/
138 KB
138 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/veil1.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
cd70441bcc2ef1e9d9c86d6cc51be1c51fafc7579e3df3f720faea0b4413c7b3

Request headers

:path
/2017/04/veil1.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:34:09 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
141225
expires
Mon, 30 Oct 2017 09:55:01 GMT
veil2.png
infosec584.files.wordpress.com/2017/04/
163 KB
163 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/veil2.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
de713eddc0f51a6247749174c3fd94e53fc1cedf9e723ea22c2b3cdb4e30ef70

Request headers

:path
/2017/04/veil2.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:34:12 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
167078
expires
Sat, 04 Nov 2017 03:12:14 GMT
veil3.png
infosec584.files.wordpress.com/2017/04/
132 KB
132 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/veil3.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2bce8afbf93b9ccc43079d60f3c7a93935506b359ebd094f24487f2f8e055ff3

Request headers

:path
/2017/04/veil3.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:34:15 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
135161
expires
Sun, 12 Nov 2017 13:01:49 GMT
veil4.png
infosec584.files.wordpress.com/2017/04/
157 KB
157 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/veil4.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
3527d152f0327598d75e31794f62269047e3281d39eff956cc208889556e0222

Request headers

:path
/2017/04/veil4.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:34:22 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
160937
expires
Tue, 07 Nov 2017 10:47:08 GMT
veil5.png
infosec584.files.wordpress.com/2017/04/
67 KB
67 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/veil5.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
34c7016ff8f26e82d4fca67d8a3bf85611345da3f7a3a9b04bed2ef28bdf496e

Request headers

:path
/2017/04/veil5.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:34:28 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
68854
expires
Sat, 28 Oct 2017 01:47:23 GMT
veil6.png
infosec584.files.wordpress.com/2017/04/
158 KB
158 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/veil6.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
7d81dd6d7509308def11162753549e8281723ac73a4518e0bb5d7e6e3d333189

Request headers

:path
/2017/04/veil6.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:34:32 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
161554
expires
Wed, 01 Nov 2017 18:50:42 GMT
windows-defender.png
infosec584.files.wordpress.com/2017/04/
50 KB
50 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/windows-defender.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
4530f8a9b22e4e948f50e8c88c809c7c484d0e0a86e891159a7013d3218cfc22

Request headers

:path
/2017/04/windows-defender.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:39:25 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
51480
expires
Fri, 03 Nov 2017 22:02:14 GMT
bdfproxy1.png
infosec584.files.wordpress.com/2017/04/
177 KB
177 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/bdfproxy1.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
c650600748deb7bbae7352ff9d3bd1013e916848b8aa10a36f60c0225228dcf8

Request headers

:path
/2017/04/bdfproxy1.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:46:43 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
181180
expires
Sat, 11 Nov 2017 15:24:02 GMT
bdfproxy2.png
infosec584.files.wordpress.com/2017/04/
60 KB
60 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/bdfproxy2.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2f86c86224b094542523953c8416338261bcd94300bc56f4183cac560ef8c924

Request headers

:path
/2017/04/bdfproxy2.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:49:37 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/png
status
200
accept-ranges
bytes
content-length
61028
expires
Sat, 14 Oct 2017 03:47:27 GMT
iptables.png
infosec584.files.wordpress.com/2017/04/
121 KB
121 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/iptables.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
bca05269d23d854077857366e80a834f238cace6a4bcef0cb03ef1c373e0c73f

Request headers

:path
/2017/04/iptables.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 18:52:20 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
123878
expires
Sat, 11 Nov 2017 22:03:58 GMT
metasploit.png
infosec584.files.wordpress.com/2017/04/
106 KB
106 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/metasploit.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9b512aa7bed2c3fe836caf29c903220a0b437a0535db428f5f187184ff0b26e0

Request headers

:path
/2017/04/metasploit.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 19:00:59 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
108413
expires
Thu, 26 Oct 2017 22:21:24 GMT
download-of-exe.png
infosec584.files.wordpress.com/2017/04/
75 KB
75 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/download-of-exe.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9615ab6515c577a5853ccef6743c781c4b356d86fa92310438d317de458a45d4

Request headers

:path
/2017/04/download-of-exe.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 19:16:25 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
76570
expires
Mon, 06 Nov 2017 13:32:51 GMT
bdfproxy3.png
infosec584.files.wordpress.com/2017/04/
43 KB
43 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/bdfproxy3.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
a1ad4c5627049525d75de99023280d0bbfab3f8a010d4be967b3916b39017f54

Request headers

:path
/2017/04/bdfproxy3.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 19:17:24 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/png
status
200
accept-ranges
bytes
content-length
44335
expires
Wed, 11 Oct 2017 07:29:51 GMT
shell.png
infosec584.files.wordpress.com/2017/04/
104 KB
104 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/04/shell.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
cb0d7022e4aea6bd92147dd3dbecf8f41112be7d536999b290b1d7a64be5dfc4

Request headers

:path
/2017/04/shell.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 25 Apr 2017 19:19:10 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
106131
expires
Tue, 14 Nov 2017 05:30:41 GMT
steal-private-keys-from-pc.jpg
infosec584.files.wordpress.com/2017/02/
67 KB
67 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/steal-private-keys-from-pc.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
a9cdd47e6c7abae2078f7d6843a2043b3878fa8a0ff7765569135644b12df54a

Request headers

:path
/2017/02/steal-private-keys-from-pc.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:31:43 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
68674
expires
Wed, 15 Nov 2017 01:46:34 GMT
smbrelaypic.png
infosec584.files.wordpress.com/2017/02/
91 KB
91 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/smbrelaypic.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
494fd6f659e78cac76813d77e70ad45320d5eebb128d930c199c8f2d50ef7cc7

Request headers

:path
/2017/02/smbrelaypic.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:28:00 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
93206
expires
Mon, 23 Oct 2017 23:51:30 GMT
1.png
infosec584.files.wordpress.com/2017/02/
143 KB
144 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/1.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
d078d3d647e88a95bef07fcf1b724fcf965a56dbfcc0ddedf49b8ed6c5efafcf

Request headers

:path
/2017/02/1.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:28:25 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
146848
expires
Sun, 12 Nov 2017 00:30:39 GMT
21.png
infosec584.files.wordpress.com/2017/02/
80 KB
80 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/21.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
6fb60f85f90f4b22f80e8fd1038aced648b483ba9c6934d37d88523872f91a18

Request headers

:path
/2017/02/21.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:28:45 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
81481
expires
Mon, 30 Oct 2017 21:23:33 GMT
3.png
infosec584.files.wordpress.com/2017/02/
35 KB
35 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/3.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
c34f9419a1848d45fb8f61e0f17ff382de84b42f887ff07ec8f7215e62403324

Request headers

:path
/2017/02/3.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:29:12 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
36055
expires
Thu, 26 Oct 2017 02:22:33 GMT
4.png
infosec584.files.wordpress.com/2017/02/
32 KB
32 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/4.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
74c732148bee537014575036cba9fc94530268b7dc90fda2d42421d4ad883df6

Request headers

:path
/2017/02/4.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:29:44 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
32495
expires
Tue, 31 Oct 2017 09:51:08 GMT
5.png
infosec584.files.wordpress.com/2017/02/
58 KB
58 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/5.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
429211d484000410d07c8feb468def4de31954d1014f130e305f354d0214bfeb

Request headers

:path
/2017/02/5.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:30:15 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
59819
expires
Wed, 25 Oct 2017 07:26:00 GMT
7.png
infosec584.files.wordpress.com/2017/02/
37 KB
37 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/7.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
ce41cfc71abc987544c8fb3ddae7d42789c15bc47a8c9ebc850b915d9cfceebf

Request headers

:path
/2017/02/7.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:30:40 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
37670
expires
Sun, 05 Nov 2017 12:04:40 GMT
6.png
infosec584.files.wordpress.com/2017/02/
66 KB
66 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/6.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
08b30d2b8406fe5e67fc2acd902ab15691bda85d1c2c2bc7d6d21f1bc68a34db

Request headers

:path
/2017/02/6.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:31:04 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
67987
expires
Thu, 26 Oct 2017 08:41:07 GMT
8.png
infosec584.files.wordpress.com/2017/02/
57 KB
57 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/8.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
62f674f9cedf2b92c536653669b281bfeb2966851cf75329b64e5676bb59d2f0

Request headers

:path
/2017/02/8.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 07 Feb 2017 18:31:26 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
58739
expires
Fri, 03 Nov 2017 19:35:00 GMT
3kyzbdv.png
infosec584.files.wordpress.com/2017/02/
174 KB
174 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/3kyzbdv.png?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
cc8e6eaf41da278fc530470225ad6e0bfa4e628c2113dd69151e44f0a7182cc5

Request headers

:path
/2017/02/3kyzbdv.png?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Mon, 06 Feb 2017 18:51:32 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
177765
expires
Sat, 11 Nov 2017 22:17:13 GMT
2.png
infosec584.files.wordpress.com/2017/02/
25 KB
25 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/2.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
3e89cc37bf5ed3061f177a5a854c2f1aae684734ed3db3f7f0fa3aaf49f9235b

Request headers

:path
/2017/02/2.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Mon, 06 Feb 2017 18:48:48 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/png
status
200
accept-ranges
bytes
content-length
25359
expires
Tue, 31 Oct 2017 17:31:15 GMT
1.jpg
infosec584.files.wordpress.com/2017/02/
43 KB
43 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/1.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
620504778cb12b61d103df1c2ec29dfceb60c3c1e68a6372c9e5a53416f4402c

Request headers

:path
/2017/02/1.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Mon, 06 Feb 2017 18:49:11 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
44210
expires
Mon, 06 Nov 2017 03:07:14 GMT
3.jpg
infosec584.files.wordpress.com/2017/02/
65 KB
65 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/3.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9ac52ba3443b8b979af1032a48bafc52ca9698c5dd41b74706b68027fdf87e03

Request headers

:path
/2017/02/3.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Mon, 06 Feb 2017 18:49:31 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
66430
expires
Fri, 10 Nov 2017 04:34:58 GMT
4.jpg
infosec584.files.wordpress.com/2017/02/
52 KB
53 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/4.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
51a0e00d30c727ec35e1338efe85fa021fc7f407f8a5d59f138f71baad163568

Request headers

:path
/2017/02/4.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Mon, 06 Feb 2017 18:50:17 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
53740
expires
Sun, 29 Oct 2017 11:21:22 GMT
5.jpg
infosec584.files.wordpress.com/2017/02/
58 KB
58 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2017/02/5.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
54215d9c7409956986b2dc3f5e364b8aec4e97f21cce66acc67697c660b69e08

Request headers

:path
/2017/02/5.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Mon, 06 Feb 2017 18:50:48 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
59674
expires
Sat, 04 Nov 2017 08:25:58 GMT
nsa-shadow-brokers-640x358.jpg
infosec584.files.wordpress.com/2016/11/
63 KB
63 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/11/nsa-shadow-brokers-640x358.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
ab09289b59cbff4f9e603213b15ee3feb7c1605603c8be17b5848d4423f96f8c

Request headers

:path
/2016/11/nsa-shadow-brokers-640x358.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Tue, 01 Nov 2016 14:58:04 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
64764
expires
Mon, 06 Nov 2017 21:26:18 GMT
rivial-sub-header-resized.jpg
infosec584.files.wordpress.com/2016/10/
54 KB
54 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/10/rivial-sub-header-resized.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
416ae12e61b9f8507e98270ef37a20feb621cad8c7cf2c522dfe2de582032dcf

Request headers

:path
/2016/10/rivial-sub-header-resized.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 13 Oct 2016 14:51:28 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
55220
expires
Wed, 08 Nov 2017 07:19:01 GMT
brute-force.jpg
infosec584.files.wordpress.com/2016/10/
29 KB
29 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/10/brute-force.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
016bbcedf89d0a6db6ae1753f56f3a55c31e62697adc0b43e7ec3b52dc5b5495

Request headers

:path
/2016/10/brute-force.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Tue, 04 Oct 2016 14:11:21 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
30092
expires
Thu, 02 Nov 2017 12:13:05 GMT
dns1.jpg
infosec584.files.wordpress.com/2016/07/
40 KB
40 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/dns1.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f26a45aa4754cd28eb070423cf889861a4fdcb10da6c5503161dd40d7dcd8243

Request headers

:path
/2016/07/dns1.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:41:23 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
41399
expires
Sat, 11 Nov 2017 17:32:04 GMT
capture15.jpg
infosec584.files.wordpress.com/2016/07/
45 KB
45 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture15.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
5f5b1548093f9690756ecfd97d3aea8976e6b18b2afdb371d19ce7ff09bc29f3

Request headers

:path
/2016/07/capture15.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:01:43 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
45571
expires
Thu, 02 Nov 2017 12:11:50 GMT
capture24.jpg
infosec584.files.wordpress.com/2016/07/
40 KB
40 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture24.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
59ce49f6dfbeb8a71aeabba1e2075fbfe776319a5036a6eb48e9317fc300ccd2

Request headers

:path
/2016/07/capture24.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:02:08 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
41282
expires
Wed, 15 Nov 2017 09:32:28 GMT
capture34.jpg
infosec584.files.wordpress.com/2016/07/
5 KB
5 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture34.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
4aba43327b701237b52a4e65b3f360256e31b2fc6b9d2e27b15d05438b95e0a7

Request headers

:path
/2016/07/capture34.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:07:15 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
5220
expires
Thu, 16 Nov 2017 09:45:51 GMT
capture43.jpg
infosec584.files.wordpress.com/2016/07/
35 KB
35 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture43.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
45b2a850b8696735e8f4f7f60413f3111db830ea0869bb6ec61a4754e36a1465

Request headers

:path
/2016/07/capture43.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:11:17 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
35498
expires
Mon, 30 Oct 2017 16:13:20 GMT
capture52.jpg
infosec584.files.wordpress.com/2016/07/
31 KB
31 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture52.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
30bfd79520446356010fdda9b1ea81e7b5929407c21296870d085648782e30ee

Request headers

:path
/2016/07/capture52.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:14:45 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
31822
expires
Wed, 08 Nov 2017 17:28:58 GMT
capture65.jpg
infosec584.files.wordpress.com/2016/07/
22 KB
22 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture65.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
37e75aeaf5772cbe1d91228cd965745f6026124b1c5962c707d9b5fbed020f61

Request headers

:path
/2016/07/capture65.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:19:54 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
22762
expires
Sat, 11 Nov 2017 19:06:19 GMT
capture75.jpg
infosec584.files.wordpress.com/2016/07/
40 KB
40 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture75.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2194e3be1047737467aa2d9556d9b3f384d8bcf9de58d2635c28159bb8a79bde

Request headers

:path
/2016/07/capture75.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:22:59 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
41305
expires
Fri, 27 Oct 2017 05:11:27 GMT
capture81.jpg
infosec584.files.wordpress.com/2016/07/
15 KB
15 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture81.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
cf9c918781f2dabd58842ffe3ae1d888a65740bc182e5bb8f6bfc30e71410412

Request headers

:path
/2016/07/capture81.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:26:05 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
15489
expires
Sun, 29 Oct 2017 02:10:14 GMT
capture91.jpg
infosec584.files.wordpress.com/2016/07/
15 KB
15 KB
Image
General
Full URL
https://infosec584.files.wordpress.com/2016/07/capture91.jpg?w=648
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
a24f5ef74451abb86063c4b1859a841ed0ad2d329ed4e87dc402b4e5b97bbd8c

Request headers

:path
/2016/07/capture91.jpg?w=648
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
infosec584.files.wordpress.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
MISS fra 22 np
date
Sun, 08 Oct 2017 13:46:31 GMT
last-modified
Thu, 28 Jul 2016 18:34:17 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
15524
expires
Tue, 14 Nov 2017 02:10:50 GMT
5172dee7d0755a696d8602acfec35853
2.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://2.gravatar.com/avatar/5172dee7d0755a696d8602acfec35853?s=48&d=identicon&r=G
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
dd16d2b2bc7a1eb42c688ecdf304cf7861a8ae319ec3ea2f6f401d554379b167

Request headers

:path
/avatar/5172dee7d0755a696d8602acfec35853?s=48&d=identicon&r=G
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
2.gravatar.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 3
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Thu, 31 Mar 2016 12:19:51 GMT
server
nginx
source-age
70969
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/5172dee7d0755a696d8602acfec35853?s=48&d=identicon&r=G>; rel="canonical"
content-length
1085
expires
Sun, 08 Oct 2017 13:51:30 GMT
19ce893ae1b445133827437fe4f85a54
1.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://1.gravatar.com/avatar/19ce893ae1b445133827437fe4f85a54?s=48&d=identicon&r=G
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9e719b95576554d54e724904371d82d7b21a971b5a6760900625252d89884cb9

Request headers

:path
/avatar/19ce893ae1b445133827437fe4f85a54?s=48&d=identicon&r=G
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
1.gravatar.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 3
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
source-age
70969
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/19ce893ae1b445133827437fe4f85a54?s=48&d=identicon&r=G>; rel="canonical"
content-length
1367
expires
Sun, 08 Oct 2017 13:51:30 GMT
4977a8b60b2e741458b621e7a0052ee0
1.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://1.gravatar.com/avatar/4977a8b60b2e741458b621e7a0052ee0?s=48&d=identicon&r=G
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
fe4e7706260db5eff9e91a497c9e90d6b5e24fb16992c6a32194f4925d778414

Request headers

:path
/avatar/4977a8b60b2e741458b621e7a0052ee0?s=48&d=identicon&r=G
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
1.gravatar.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 4
date
Sun, 08 Oct 2017 13:46:30 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
source-age
176592
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/4977a8b60b2e741458b621e7a0052ee0?s=48&d=identicon&r=G>; rel="canonical"
content-length
1057
expires
Sun, 08 Oct 2017 13:51:30 GMT
gprofiles.js
0.gravatar.com/js/
20 KB
7 KB
Script
General
Full URL
https://0.gravatar.com/js/gprofiles.js?ver=201740y
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
920c9189a522af2214445b9b592232c64c6bcb262bd4bcf1e1abad27c5cbe606

Request headers

:path
/js/gprofiles.js?ver=201740y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
0.gravatar.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2015 14:13:14 GMT
server
nginx
etag
W/"55faca7a-50aa"
content-type
application/x-javascript
status
200
cache-control
max-age=604800
expires
Sun, 15 Oct 2017 13:46:30 GMT
wpgroho.js
s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/
582 B
331 B
Script
General
Full URL
https://s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781h
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb

Request headers

:path
/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781h
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
s1.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
nginx
etag
W/"57391275-2f0"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
/
s2.wp.com/_static/
41 KB
11 KB
Script
General
Full URL
https://s2.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1479964158j
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
adc3ebba0b9de47a3ad48efc55e8be3e9234b1156fb6f36be3b783134b5f4c3e

Request headers

:path
/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1479964158j
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
s2.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Thu, 24 Nov 2016 05:09:52 GMT
server
nginx
etag
W/"58367620-a54e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
jetpack-carousel.css
s1.wp.com/wp-content/mu-plugins/carousel/
22 KB
4 KB
Stylesheet
General
Full URL
https://s1.wp.com/wp-content/mu-plugins/carousel/jetpack-carousel.css?m=1481571546h
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c70b54f83a13aeaae5b49d9787d79db666721ba8d9c877dc732023c47304f071

Request headers

:path
/wp-content/mu-plugins/carousel/jetpack-carousel.css?m=1481571546h
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
s1.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
nginx
etag
W/"584efce5-6458"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
tiled-gallery.css
s1.wp.com/wp-content/mu-plugins/tiled-gallery/
1 KB
500 B
Stylesheet
General
Full URL
https://s1.wp.com/wp-content/mu-plugins/tiled-gallery/tiled-gallery.css?m=1443731146h
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b156b5d24f65e76cfff6123c837215362fd186996f49ebf793b0297fc37acfc1

Request headers

:path
/wp-content/mu-plugins/tiled-gallery/tiled-gallery.css?m=1443731146h
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
s1.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
nginx
etag
W/"58674302-950"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
/
s1.wp.com/_static/
158 KB
44 KB
Script
General
Full URL
https://s1.wp.com/_static/??-eJyNkNFOwzAMRX+I4G3SgBfEp6A0dTe3iRNip4W/J5nUCg1U8RTHuff6OLAk4yIrssIo0ONMDtPn4ygP8OMpFJN8uRALeJpQ4KNgwavl3mPeERMPxKRfW3Gv1SuGGpdKB9gTNwa2M12sUuR/iGWiZDzxZIboipiBfrH/4WrnDvWImqyb4J3YgS6kitkoBayDcMdn+0BsOpshWKmeWpk4Y87UV4Ctt5fg2t4tYat21M7mWAT9CmzWxuqp/L602e2nliF2Izq9D1zT5koZwYqg3gy3e8ooUh1v4fV4PpyeXo7Pp8P4DYFZ1EA=
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b78462818925e30baf818a090387b1f8275ba7834e48c97ec5d7dff6a6171891

Request headers

:path
/_static/??-eJyNkNFOwzAMRX+I4G3SgBfEp6A0dTe3iRNip4W/J5nUCg1U8RTHuff6OLAk4yIrssIo0ONMDtPn4ygP8OMpFJN8uRALeJpQ4KNgwavl3mPeERMPxKRfW3Gv1SuGGpdKB9gTNwa2M12sUuR/iGWiZDzxZIboipiBfrH/4WrnDvWImqyb4J3YgS6kitkoBayDcMdn+0BsOpshWKmeWpk4Y87UV4Ctt5fg2t4tYat21M7mWAT9CmzWxuqp/L602e2nliF2Izq9D1zT5koZwYqg3gy3e8ooUh1v4fV4PpyeXo7Pp8P4DYFZ1EA=
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
s1.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2017 03:36:47 GMT
server
nginx
etag
W/"59911acf-27690"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Tue, 14 Aug 2018 04:15:46 GMT
widgets.js
platform.twitter.com/
118 KB
34 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js?ver=20111117
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
ca9928a9089953036dd9bd12a9bccb612612b271b2cc048200da775a5c433394

Request headers

:path
/widgets.js?ver=20111117
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
platform.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
age
719
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
34921
x-served-by
cache-tw-fra1-cr1-12-TWFRA1
last-modified
Fri, 29 Sep 2017 14:54:35 GMT
x-timer
S1507470391.511130,VS0,VE0
etag
"582012611a93efff1eaebe394c5a46bd+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=1800
accept-ranges
bytes
/
s2.wp.com/_static/
7 KB
2 KB
Script
General
Full URL
https://s2.wp.com/_static/??-eJyVy8EOwiAMANAfslYTHXowfsuAhhRLJaxI/Hu97rTs+A4PR4XwViM1LB2q9MS6oA02owZe5vDy3CJUJlT6UCONrOmYlwPuuXX7sVCENItQ+671X8/yOF9u95Ob3NXlHw12Q+E=
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a167f5ec488c197929d1ee3b1bd577f9a7f71e15ae762f2b4d25cbbfa6fe7093

Request headers

:path
/_static/??-eJyVy8EOwiAMANAfslYTHXowfsuAhhRLJaxI/Hu97rTs+A4PR4XwViM1LB2q9MS6oA02owZe5vDy3CJUJlT6UCONrOmYlwPuuXX7sVCENItQ+671X8/yOF9u95Ob3NXlHw12Q+E=
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
s2.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Thu, 09 Mar 2017 16:30:45 GMT
server
nginx
etag
W/"58c18335-1c59"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Fri, 22 Jun 2018 02:18:14 GMT
Cookie set 725X1342.skimlinks.js
s.skimresources.com/js/
58 KB
20 KB
Script
General
Full URL
https://s.skimresources.com/js/725X1342.skimlinks.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.129 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Skimlinks V9.0 /
Resource Hash
fbad7de11eaccc4476f08c2254fdb15c0d64d64f19f426dc76673c74e7f84e24

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.skimresources.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-amz-version-id
JR2uuCHdGeWqKgoNQjSIcqv61kbsSCzJ
Content-Encoding
gzip
ETag
"71938699251da46f1497f15d6ad36958"
X-Cache
HIT
P3P
policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
20050
X-Served-By
cache-hhn1525-HHN
Server
Skimlinks V9.0
Date
Sun, 08 Oct 2017 13:46:30 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Set-Cookie
skimGUID=1b7d08f90207af40e22345ae6f837485; Domain=.skimresources.com; expires=Fri, 07 Oct 2022 13:46:30 GMT; path=/; skimSESS=a80945dd4fc3754fb0649bf9a5da7b8f; Domain=.skimresources.com; expires=Sun, 08 Oct 2017 14:16:30 GMT; path=/;
Accept-Ranges
bytes
X-Cache-Hits
1168075
w.js
stats.wp.com/
11 KB
4 KB
Script
General
Full URL
https://stats.wp.com/w.js?56
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f6a232138a2992064e3f39aae317a816a4b892340be34695e42089e0e95cdc

Request headers

:path
/w.js?56
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
stats.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
server
nginx
etag
W/"5890f68b-405c"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Sun, 03 Jun 2018 01:14:56 GMT
ga.js
ssl.google-analytics.com/
44 KB
16 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c8e3699362d1d2ffc0c97b36e93b1e793034ca7b98896ca2260c2c1dcd973d59
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/ga.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ssl.google-analytics.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Sep 2017 22:31:34 GMT
server
Golfe2
age
3100
date
Sun, 08 Oct 2017 12:54:50 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
16615
expires
Sun, 08 Oct 2017 14:54:50 GMT
qhFtudkoEdJV__ba4WegbA.ttf
fonts.gstatic.com/s/ptsans/v8/
136 KB
77 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v8/qhFtudkoEdJV__ba4WegbA.ttf
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
cde4fcde212560c28911cee52ac368796a23dd0b10f37eff95c32be07ec70ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/ptsans/v8/qhFtudkoEdJV__ba4WegbA.ttf
pragma
no-cache
origin
https://shellgam3.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
Origin
https://shellgam3.com

Response headers

date
Tue, 29 Aug 2017 13:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3455612
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
78631
x-xss-protection
1; mode=block
last-modified
Mon, 06 Oct 2014 20:41:13 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Aug 2018 13:52:58 GMT
hpORcvLZtemlH8gI-1S-7i3USBnSvpkopQaUR-2r7iU.ttf
fonts.gstatic.com/s/ptsans/v8/
157 KB
88 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v8/hpORcvLZtemlH8gI-1S-7i3USBnSvpkopQaUR-2r7iU.ttf
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
4b1c725832e34537fd61c5e32945e48c2913e52be766afb44fd54b061bb5786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/ptsans/v8/hpORcvLZtemlH8gI-1S-7i3USBnSvpkopQaUR-2r7iU.ttf
pragma
no-cache
origin
https://shellgam3.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
Origin
https://shellgam3.com

Response headers

date
Tue, 29 Aug 2017 11:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3464325
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
89990
x-xss-protection
1; mode=block
last-modified
Mon, 06 Oct 2014 20:41:11 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Aug 2018 11:27:45 GMT
pixel.gif
static.criteo.net/images/
43 B
43 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
static.criteo.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.criteo.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
"493ea254-2b"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000 public
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
43
Expires
Wed, 03 Oct 2018 13:46:30 GMT
pixel.gif
static.criteo.net/images/
43 B
43 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
static.criteo.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.criteo.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
"493ea254-2b"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000 public
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
43
Expires
Wed, 03 Oct 2018 13:46:30 GMT
lILlYDvubYemzYzN7GbLkNqQynqKV_9Plp7mupa0S4g.ttf
fonts.gstatic.com/s/ptsans/v8/
103 KB
56 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v8/lILlYDvubYemzYzN7GbLkNqQynqKV_9Plp7mupa0S4g.ttf
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
524d06ca272af40f02113ee8e83ae4372e1c6e59c2c519a82e047c9ca092c116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/ptsans/v8/lILlYDvubYemzYzN7GbLkNqQynqKV_9Plp7mupa0S4g.ttf
pragma
no-cache
origin
https://shellgam3.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
Origin
https://shellgam3.com

Response headers

date
Tue, 29 Aug 2017 11:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3464282
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
57798
x-xss-protection
1; mode=block
last-modified
Mon, 06 Oct 2014 20:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Aug 2018 11:28:28 GMT
DVKQJxMmC9WF_oplMzlQqaCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/ptsans/v8/
132 KB
73 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v8/DVKQJxMmC9WF_oplMzlQqaCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
6169f8d39f199ab82cb3046d3675de542bbe13ea02404e599f05ecb0531c4c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/ptsans/v8/DVKQJxMmC9WF_oplMzlQqaCWcynf_cDxXwCLxiixG1c.ttf
pragma
no-cache
origin
https://shellgam3.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
Origin
https://shellgam3.com

Response headers

date
Tue, 29 Aug 2017 19:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3434214
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
74601
x-xss-protection
1; mode=block
last-modified
Mon, 06 Oct 2014 20:40:27 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Aug 2018 19:49:36 GMT
truncated
/
14 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Origin
https://shellgam3.com

Response headers

Access-Control-Allow-Origin
*
Content-Type
application/x-font-woff;charset=utf-8
widgets.js
platform.twitter.com/
118 KB
34 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyNkNFOwzAMRX+I4G3SgBfEp6A0dTe3iRNip4W/J5nUCg1U8RTHuff6OLAk4yIrssIo0ONMDtPn4ygP8OMpFJN8uRALeJpQ4KNgwavl3mPeERMPxKRfW3Gv1SuGGpdKB9gTNwa2M12sUuR/iGWiZDzxZIboipiBfrH/4WrnDvWImqyb4J3YgS6kitkoBayDcMdn+0BsOpshWKmeWpk4Y87UV4Ctt5fg2t4tYat21M7mWAT9CmzWxuqp/L602e2nliF2Izq9D1zT5koZwYqg3gy3e8ooUh1v4fV4PpyeXo7Pp8P4DYFZ1EA=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
ca9928a9089953036dd9bd12a9bccb612612b271b2cc048200da775a5c433394

Request headers

:path
/widgets.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
platform.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
age
719
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
34921
x-served-by
cache-tw-fra1-cr1-12-TWFRA1
last-modified
Fri, 29 Sep 2017 14:54:35 GMT
x-timer
S1507470391.606242,VS0,VE0
etag
"582012611a93efff1eaebe394c5a46bd+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=1800
accept-ranges
bytes
wpcom-gray-white.png
s1.wp.com/i/logo/
8 KB
8 KB
Image
General
Full URL
https://s1.wp.com/i/logo/wpcom-gray-white.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8

Request headers

:path
/i/logo/wpcom-gray-white.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
s1.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Sun, 08 Oct 2017 13:46:30 GMT
x-ac
4.fra _dfw
last-modified
Sat, 31 Dec 2016 05:45:35 GMT
server
nginx
etag
"586745ff-200b"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8203
expires
Fri, 22 Jun 2018 02:18:15 GMT
cdb
bidder.criteo.com/
0
0
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=27&profileId=184&cb=4210730729
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
bidder.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://shellgam3.com/
Connection
keep-alive
Content-Length
220
Referer
https://shellgam3.com/
Origin
https://shellgam3.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://shellgam3.com
Date
Sun, 08 Oct 2017 13:46:30 GMT
X-Cnection
close
Access-Control-Allow-Credentials
true
Server
Finatra
Content-Length
0
Vary
Origin
/
r.skimresources.com/api/
180 B
198 B
Script
General
Full URL
https://r.skimresources.com/api/?callback=skimlinksApplyHandlers&data=%7B%22pubcode%22%3A%22725X1342%22%2C%22domains%22%3A%5B%22github.com%22%2C%22192.168.22.63%22%2C%22system.net%22%2C%22webmail.teklinks.com%22%2C%22oursecblog.wordpress.com%22%2C%22twitter.com%22%2C%22linkedin.com%22%2C%22wordpress.com%22%2C%22en.wordpress.com%22%2C%22subscribe.wordpress.com%22%5D%2C%22page%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%7D
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
60754eb2a545a695803215bcdf5acc7fc98cc56ac059f64fd3607310953ac648
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/api/?callback=skimlinksApplyHandlers&data=%7B%22pubcode%22%3A%22725X1342%22%2C%22domains%22%3A%5B%22github.com%22%2C%22192.168.22.63%22%2C%22system.net%22%2C%22webmail.teklinks.com%22%2C%22oursecblog.wordpress.com%22%2C%22twitter.com%22%2C%22linkedin.com%22%2C%22wordpress.com%22%2C%22en.wordpress.com%22%2C%22subscribe.wordpress.com%22%5D%2C%22page%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%7D
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
r.skimresources.com
cookie
skimGUID=1b7d08f90207af40e22345ae6f837485; skimSESS=a80945dd4fc3754fb0649bf9a5da7b8f
:scheme
https
referer
https://shellgam3.com/
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
via
1.1 google
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://shellgam3.com
access-control-allow-credentials
true
set-cookie
skimGUID=1b7d08f90207af40e22345ae6f837485; Expires=Mon, 08-Oct-18 13:46:30 GMT; Max-Age=31536000; Domain=.skimresources.com; Path=/ skimORIGIN=r; Expires=Mon, 08-Oct-18 13:46:30 GMT; Max-Age=31536000; Domain=.skimresources.com; Path=/
content-type
application/javascript
alt-svc
clear
px.gif
p.skimresources.com/
43 B
43 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=10.849257850490483
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.253.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-253-20.eu-west-1.compute.amazonaws.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
p.skimresources.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
skimGUID=1b7d08f90207af40e22345ae6f837485; skimSESS=a80945dd4fc3754fb0649bf9a5da7b8f
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Skimlinks Pixel 1.0
Connection
keep-alive
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
px.gif
p.skimresources.com/
43 B
43 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=10.849257850490483
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.253.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-253-20.eu-west-1.compute.amazonaws.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
p.skimresources.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
skimGUID=1b7d08f90207af40e22345ae6f837485; skimSESS=a80945dd4fc3754fb0649bf9a5da7b8f
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Skimlinks Pixel 1.0
Connection
keep-alive
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
hovercard.css
0.gravatar.com/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://0.gravatar.com/css/hovercard.css?ver=201740y
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyF0G0KwjAMBuAL2dXJxP0Rz1Lr60hdP2zaDT29FSYiVIVAIHkISeQcBDk95hNYmhLXjHhbUmN4JX8BYWmIKqGx5F5Ye5fg0tNaf6QRIjOiGkqtDDr7iguekwVzQZXu50rkJsL8lxmkoPRFRDDdUTuEw3vn7x9Y1MHu267fbfp2263NA675cvs=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
3f10442336cd9b12279a4662345ca628aa1dc48b9993a7cc75c2077b6ecbaf6b

Request headers

:path
/css/hovercard.css?ver=201740y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
0.gravatar.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Mon, 28 Jan 2013 22:29:45 GMT
server
nginx
etag
W/"5106fbd9-2062"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Sun, 15 Oct 2017 13:46:30 GMT
services.css
0.gravatar.com/css/
3 KB
566 B
Stylesheet
General
Full URL
https://0.gravatar.com/css/services.css?ver=201740y
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyF0G0KwjAMBuAL2dXJxP0Rz1Lr60hdP2zaDT29FSYiVIVAIHkISeQcBDk95hNYmhLXjHhbUmN4JX8BYWmIKqGx5F5Ye5fg0tNaf6QRIjOiGkqtDDr7iguekwVzQZXu50rkJsL8lxmkoPRFRDDdUTuEw3vn7x9Y1MHu267fbfp2263NA675cvs=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
ab7e2ffdc04169e144920d681f782403d86113dd0a50dee1eb0522fb4c92375b

Request headers

:path
/css/services.css?ver=201740y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
0.gravatar.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
content-encoding
gzip
last-modified
Wed, 19 Mar 2014 21:35:23 GMT
server
nginx
etag
W/"532a0d9b-bd8"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Sun, 15 Oct 2017 13:46:30 GMT
twitter_cookies.html
platform.twitter.com/widgets/ Frame 5174
0
0

/
r.skimresources.com/api/
192 B
210 B
Script
General
Full URL
https://r.skimresources.com/api/?callback=skimlinksApplyHandlers&data=%7B%22pubcode%22%3A%22725X1342%22%2C%22domains%22%3A%5B%22security-center.intel.com%22%2C%22mmc.exe%22%2C%22google_updater.exe%22%2C%22bdfproxy.cfg%22%2C%22smbrelayx.py%22%2C%22responder.py%22%2C%22test.ps1%22%2C%22native.win%22%2C%22excel.exe%22%2C%22stream.read%2528%2524bytes%22%2C%22system.text.asciiencoding%2529.getstring%2528%2524bytes%252C0%22%2C%22%22%2C%22example.domain.com%22%2C%22domain.com%22%2C%22us.messagelabs.com%22%2C%22messagelabs.com%22%2C%22teklinks.com%22%2C%22icloud.com%22%2C%22linux.gif%22%2C%22linux.gif.hex%22%5D%2C%22page%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%7D
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
b73acea0a8d7587e40dc5550b0f9ed6f3fdba666f0db83b133e737ed38238a01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/api/?callback=skimlinksApplyHandlers&data=%7B%22pubcode%22%3A%22725X1342%22%2C%22domains%22%3A%5B%22security-center.intel.com%22%2C%22mmc.exe%22%2C%22google_updater.exe%22%2C%22bdfproxy.cfg%22%2C%22smbrelayx.py%22%2C%22responder.py%22%2C%22test.ps1%22%2C%22native.win%22%2C%22excel.exe%22%2C%22stream.read%2528%2524bytes%22%2C%22system.text.asciiencoding%2529.getstring%2528%2524bytes%252C0%22%2C%22%22%2C%22example.domain.com%22%2C%22domain.com%22%2C%22us.messagelabs.com%22%2C%22messagelabs.com%22%2C%22teklinks.com%22%2C%22icloud.com%22%2C%22linux.gif%22%2C%22linux.gif.hex%22%5D%2C%22page%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%7D
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
r.skimresources.com
cookie
skimSESS=a80945dd4fc3754fb0649bf9a5da7b8f; skimGUID=1b7d08f90207af40e22345ae6f837485; skimORIGIN=r
:scheme
https
referer
https://shellgam3.com/
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:30 GMT
via
1.1 google
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://shellgam3.com
access-control-allow-credentials
true
set-cookie
skimGUID=1b7d08f90207af40e22345ae6f837485; Expires=Mon, 08-Oct-18 13:46:30 GMT; Max-Age=31536000; Domain=.skimresources.com; Path=/ skimORIGIN=r; Expires=Mon, 08-Oct-18 13:46:30 GMT; Max-Age=31536000; Domain=.skimresources.com; Path=/
content-type
application/javascript
alt-svc
clear
Cookie set /
s.pubmine.com/adj/26942/300/250/
12 KB
3 KB
Script
General
Full URL
https://s.pubmine.com/adj/26942/300/250/?fl&svf=2&pos=btf&hb=%7B%22CRT%22%3A%22nobid%22%7D&imp_delay=494&pp=%7B%22pt%22%3A0%2C%22ht%22%3A0%2C%22tn%22%3A%22edin%22%2C%22amp%22%3Afalse%7D&ord=5924417396233&v=1.16.2&callbackPubmine=_callbacks____1j8isy5xz
Requested by
Host: s.pubmine.com
URL: https://s.pubmine.com/head.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
4ab894c2d01326f1ada28df624d209bb0a9554685e48bbf906e33fecbdeb9e3d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
lcai9h=!43,1,1507470390; path=/; expires=Tue, 08-Oct-2019 13:46:30 GMT lcri5m=!163,1,1507470390; path=/; expires=Tue, 08-Oct-2019 13:46:30 GMT ar1d=!0,1,1507470390; path=/; expires=Tue, 08-Oct-2019 13:46:30 GMT
Content-Type
text/javascript; charset=utf-8
Expires
0
Cookie set /
s.pubmine.com/adj/114160/300/250/
12 KB
3 KB
Script
General
Full URL
https://s.pubmine.com/adj/114160/300/250/?fl&svf=2&pos=btf&hb=%7B%22CRT%22%3A%22nobid%22%7D&imp_delay=495&pp=%7B%22pt%22%3A0%2C%22ht%22%3A0%2C%22tn%22%3A%22edin%22%2C%22amp%22%3Afalse%7D&ord=9618134911091&v=1.16.2&callbackPubmine=_callbacks____2j8isy5y0
Requested by
Host: s.pubmine.com
URL: https://s.pubmine.com/head.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b8b82297c5a2571c2c41c3f0b10dfa2843be30bf75b2fa592291c4d77426bd6d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
lcai9h=!43,1,1507470390; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT lcri5m=!163,1,1507470390; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT ar1d=!0,1,1507470390; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
text/javascript; charset=utf-8
Expires
0
g.gif
pixel.wp.com/
50 B
59 B
Image
General
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.21668697629844846
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

:path
/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.21668697629844846
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pixel.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

status
200
date
Sun, 08 Oct 2017 13:46:31 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
59 B
Image
General
Full URL
https://pixel.wp.com/g.gif?blog=106865735&v=wpcom&tz=0&user_id=0&subd=infosec584&host=shellgam3.com&ref=&rand=0.9523775242847992
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

:path
/g.gif?blog=106865735&v=wpcom&tz=0&user_id=0&subd=infosec584&host=shellgam3.com&ref=&rand=0.9523775242847992
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pixel.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

status
200
date
Sun, 08 Oct 2017 13:46:31 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
59 B
Image
General
Full URL
https://pixel.wp.com/g.gif?crypt=UE5XaGUuOTlwaD85flAmcm1mcmZsaDhkV11YdWtpP0NsWnVkPS9sL0ViLndld3BTTVtuWFVdT2ZlbnJkZ2ItV0krODB3Vzk%2FT28ud0VEZHxKcy9kcnBvaVhPTnxoLnYtRXlaVUp4eiZ0RTRmNitJaHB2LEVpfitGSWh%2BUUZ4cU5Hb345Ly9SM1Y4dDJuL0Y9N0hDVzgvcz1JK0J8dGNEaXBpWnwlNkFJNTlCRz8tN189MH54dmlqLD94S21zcENzRj1qJnNDNXpxbUJFeDdBZy5LSTYuaG95d01dRXhGOUtlTkdhRn5oMS9Lbjk5UT9PQj1xLWR3WEw5WT05Ny09STgtaVBqUmU3MTBJVC0ydk96P11mMF9rK3d5NnB6ZG5icGclbHZBL3NIeUta&v=wpcom-no-pv&rand=0.8563082056912312
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

:path
/g.gif?crypt=UE5XaGUuOTlwaD85flAmcm1mcmZsaDhkV11YdWtpP0NsWnVkPS9sL0ViLndld3BTTVtuWFVdT2ZlbnJkZ2ItV0krODB3Vzk%2FT28ud0VEZHxKcy9kcnBvaVhPTnxoLnYtRXlaVUp4eiZ0RTRmNitJaHB2LEVpfitGSWh%2BUUZ4cU5Hb345Ly9SM1Y4dDJuL0Y9N0hDVzgvcz1JK0J8dGNEaXBpWnwlNkFJNTlCRz8tN189MH54dmlqLD94S21zcENzRj1qJnNDNXpxbUJFeDdBZy5LSTYuaG95d01dRXhGOUtlTkdhRn5oMS9Lbjk5UT9PQj1xLWR3WEw5WT05Ny09STgtaVBqUmU3MTBJVC0ydk96P11mMF9rK3d5NnB6ZG5icGclbHZBL3NIeUta&v=wpcom-no-pv&rand=0.8563082056912312
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pixel.wp.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

status
200
date
Sun, 08 Oct 2017 13:46:31 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
timeline.9abf139d50bf8058a048c5241da351bd.js
platform.twitter.com/js/
26 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.9abf139d50bf8058a048c5241da351bd.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
24610920675a6818ca81b7737c043ff45b9e8bed9acf25f0c2b6184f1e52dbcd

Request headers

:path
/js/timeline.9abf139d50bf8058a048c5241da351bd.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
platform.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
content-encoding
gzip
age
512102
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
8216
x-served-by
cache-tw-fra1-cr1-12-TWFRA1
last-modified
Fri, 29 Sep 2017 21:47:20 GMT
x-timer
S1507470391.051580,VS0,VE0
etag
"9b4c8cd4b0955209c8ffefe0f31af82e+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
__utm.gif
ssl.google-analytics.com/r/
35 B
53 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.0&utms=1&utmn=1103207230&utmhn=shellgam3.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shellgam3.com&utmhid=445576332&utmr=-&utmp=%2F&utmht=1507470391003&utmac=UA-52447-2&utmcc=__utma%3D1.940037597.1507470391.1507470391.1507470391.1%3B%2B__utmz%3D1.1507470391.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2082847535&utmredir=1&utmu=uhAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/__utm.gif?utmwv=5.7.0&utms=1&utmn=1103207230&utmhn=shellgam3.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shellgam3.com&utmhid=445576332&utmr=-&utmp=%2F&utmht=1507470391003&utmac=UA-52447-2&utmcc=__utma%3D1.940037597.1507470391.1507470391.1507470391.1%3B%2B__utmz%3D1.1507470391.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2082847535&utmredir=1&utmu=uhAAAAAAAAAAAAAAAAAAAAAE~
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ssl.google-analytics.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
twitter_cookies.html
platform.twitter.com/widgets/ Frame 5174
0
0

publishertag.js
static.criteo.net/js/ld/ Frame 5174
59 KB
0
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
static.criteo.net
Software
nginx /
Resource Hash
f54d8981534c25d7d2abe7180267560de52b05985fa0ba027f550161dc59dd51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.criteo.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
W/"59d37d13-ed54"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400 public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Mon, 09 Oct 2017 13:46:30 GMT
Cookie set pixel
s.pubmine.com/ Frame 5174
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/pixel?id=14&type=img
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
us=!14,308249191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://r.254a.com/bsw_match?bidswitch_ssp_id=wordpress
  • https://r.254a.com/ul_cb/bsw_match?bidswitch_ssp_id=wordpress
  • https://x.bidswitch.net/sync?dsp_id=6&user_id=636695d3-fc49-4cd1-8ab2-12335230f5a9&user_group=1&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
/
s.pubmine.com/wl_pixel/EXOUdf-WZSWW4t1_OFOM7JrAWMD-Xq5jDj86YgZgo5DKbr-zKMEF9bFJpILFGRUYYfyiSJwHJfeITsNBlrPg35jO2uIDukU_HF4mOW2SCwswbup5M4Z2QiocJhRYkZxnKZfXicpMVlHSkRfzpMwOD3NE_AE_lXmnhckOZTEPbOifne... Frame 5174
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/wl_pixel/EXOUdf-WZSWW4t1_OFOM7JrAWMD-Xq5jDj86YgZgo5DKbr-zKMEF9bFJpILFGRUYYfyiSJwHJfeITsNBlrPg35jO2uIDukU_HF4mOW2SCwswbup5M4Z2QiocJhRYkZxnKZfXicpMVlHSkRfzpMwOD3NE_AE_lXmnhckOZTEPbOifneubWlEvit6Zo7cfHuqdWC_2A_f3aPGqQkQJzoszRjrFcd0iI3HXizbQkuBIRuBzmlEB90ZVuLVwK30tsJBjuwy1usT5I8S6dR7qS-gDlhgVGfggE9NjMZo5vyrj7ECt7PFo5NzJwxDqjFCd0p0KEk6mH0q5VqtyGrJnMULIV_niBd9zmwa88rTcbCkwjV_mFgmwjQI6M28ULj2fFNNDXMyNvn5Zogi0TVp00akxvfXEJTPyrSARyBtEOCpsrOsbin36UKcWKyDDQQGqDrRYZ9nEfMUYvIx6YvJN1A/
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-877078&zoneid=877078&cb=45705488794&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2FEXOUdf-WZSWW4t1_OFOM7JrAWMD-Xq5jDj86YgZgo5DKbr-zKMEF9bFJpILFGRUYYfyiSJwHJfeITsNBlrPg35jO2uIDukU_HF4mOW2SCwswbup5M4Z2QiocJhRYkZxnKZfXicpMVlHSkRfzpMwOD3NE_AE_lXmnhckOZTEPbOifneubWlEvit6Zo7cfHuqdWC_2A_f3aPGqQkQJzoszRjrFcd0iI3HXizbQkuBIRuBzmlEB90ZVuLVwK30tsJBjuwy1usT5I8S6dR7qS-gDlhgVGfggE9NjMZo5vyrj7ECt7PFo5NzJwxDqjFCd0p0KEk6mH0q5VqtyGrJnMULIV_niBd9zmwa88rTcbCkwjV_mFgmwjQI6M28ULj2fFNNDXMyNvn5Zogi0TVp00akxvfXEJTPyrSARyBtEOCpsrOsbin36UKcWKyDDQQGqDrRYZ9nEfMUYvIx6YvJN1A%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1873ab953fd34bd84892d8812f281c6f2604673ed74af70a49a8b31e05f103c7

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1531
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
uid=f88dba31-657a-46d3-80f6-1840a8d1dfa0; domain=.criteo.com; expires=Mon, 08-Oct-2018 13:46:30 GMT; path=/ uid=f88dba31-657a-46d3-80f6-1840a8d1dfa0; domain=.criteo.com; expires=Mon, 08-Oct-2018 13:46:30 GMT; path=/ zdi=*1m5y%2baSO%2bQV1OFyZnchGZxg%3d%3d; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:30 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
publishertag.js
static.criteo.net/js/ld/ Frame 5174
59 KB
0
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
static.criteo.net
Software
nginx /
Resource Hash
f54d8981534c25d7d2abe7180267560de52b05985fa0ba027f550161dc59dd51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.criteo.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
W/"59d37d13-ed54"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400 public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Mon, 09 Oct 2017 13:46:30 GMT
Cookie set pixel
s.pubmine.com/ Frame 5174
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/pixel?id=14&type=img
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
us=!14,308249191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://sync-eu.exe.bid/bidswitch/sync?sub1=wordpress
  • https://sync-eu.exe.bid/bidswitch/sync?sub1=wordpress&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zaGVsbGdhbTMuY29tLyJdfX0
  • https://x.bidswitch.net/sync?dsp_id=140&user_id=24175d92-09cd-416f-8047-c8b3d1fa9bb8&expires=14&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
/
s.pubmine.com/wl_pixel/N96hci6m9aSArUmiy4F9EnbSlucUhSKiKA_gAzFze2n5XQTjbwrRAih08uRAXQ0rbrjj270o0QeRfpjLSc_HX2MpceOMM4Zc24dHy_NV1X0TxLT_5R18y6nj3NipV-nXgBEc1yOkhOp6WRVtWI6tT6KP4YaRDoxhHpqXJYnYsYNw_r... Frame 5174
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/wl_pixel/N96hci6m9aSArUmiy4F9EnbSlucUhSKiKA_gAzFze2n5XQTjbwrRAih08uRAXQ0rbrjj270o0QeRfpjLSc_HX2MpceOMM4Zc24dHy_NV1X0TxLT_5R18y6nj3NipV-nXgBEc1yOkhOp6WRVtWI6tT6KP4YaRDoxhHpqXJYnYsYNw_rrRDLD21li6fNNnZ2v6_CCokqpRIJbR0fbBNRbyGN9KLbAO7kf__l2IvTuENldyBAA_sW_Hm7Q9ySyQ7Weqyqjt9GYi7UxC-ptQj4MnWffA5iSSIAYTDJ5-HfkqQfin-6TrPEWd6ZtcFKVlqaoF4xj3Ja-lgON9YtkgiySm4iSPXPb1X7aS_mDoBsWEDGqk9PvtSxGJdVcf3tQshIN75yn8PF593bK19emhf9iYLRwPArOevm6_F9y5rofEzLLC8Khg0z4pJm0bK2oqUINFGw3tP0fvT6y3vhoGBw/
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-877078&zoneid=877078&cb=61253052549&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2FN96hci6m9aSArUmiy4F9EnbSlucUhSKiKA_gAzFze2n5XQTjbwrRAih08uRAXQ0rbrjj270o0QeRfpjLSc_HX2MpceOMM4Zc24dHy_NV1X0TxLT_5R18y6nj3NipV-nXgBEc1yOkhOp6WRVtWI6tT6KP4YaRDoxhHpqXJYnYsYNw_rrRDLD21li6fNNnZ2v6_CCokqpRIJbR0fbBNRbyGN9KLbAO7kf__l2IvTuENldyBAA_sW_Hm7Q9ySyQ7Weqyqjt9GYi7UxC-ptQj4MnWffA5iSSIAYTDJ5-HfkqQfin-6TrPEWd6ZtcFKVlqaoF4xj3Ja-lgON9YtkgiySm4iSPXPb1X7aS_mDoBsWEDGqk9PvtSxGJdVcf3tQshIN75yn8PF593bK19emhf9iYLRwPArOevm6_F9y5rofEzLLC8Khg0z4pJm0bK2oqUINFGw3tP0fvT6y3vhoGBw%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
af71fd5360713b08b9b3af5b915e7cf5a95e52bff3afae1bb766f1d8e4ebe6b1

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://shellgam3.com/
Origin
https://shellgam3.com

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1524
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; domain=.criteo.com; expires=Mon, 08-Oct-2018 13:46:31 GMT; path=/
uid=447ece62-2227-48a8-8336-247757000e1e; domain=.criteo.com; expires=Mon, 08-Oct-2018 13:46:31 GMT; path=/
zdi=*1dsewzqYWwWanUDzOyaiE3w%3d%3d; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
711269536427876352
cdn.syndication.twimg.com/widgets/timelines/
128 KB
12 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/widgets/timelines/711269536427876352?callback=__twttr.callbacks.tl_i0_711269536427876352_old&dnt=false&domain=shellgam3.com&lang=en&suppress_response_codes=true&t=1674967&tz=GMT%2B0000
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:1a46:1c04:1676:610:129d , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
tsa_o /
Resource Hash
bb578e16024e7332f4402b3fde9cc43d4bc468c97559a568eb28eda6af1883c6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.syndication.twimg.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
Content-Length
12342
x-xss-protection
1; mode=block
x-response-time
263
last-modified
Sun, 08 Oct 2017 13:46:31 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
Content-Type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
08bdd7c5cda1d32033263228ec3b54a8
set-cookie
lang=en; Path=/
timing-allow-origin
*
x-transaction
00ac944f007f1359
expires
Sun, 08 Oct 2017 13:51:31 GMT
syndication
syndication.twitter.com/i/jot/
43 B
74 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1507470391064%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1507470391064%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
syndication.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
1; mode=block
x-response-time
104
pragma
no-cache
last-modified
Sun, 08 Oct 2017 13:46:31 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
964e55edca15fdae7d1048e49ac81e7d
x-transaction
00af677000e4a80b
expires
Tue, 31 Mar 1981 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
0
0

passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
0
0

Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://sync.upravel.com/bidswitch/sync?sub1=wordpress
  • https://sync.upravel.com/bidswitch/sync?sub1=wordpress&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zaGVsbGdhbTMuY29tLyJdfX0
  • https://x.bidswitch.net/sync?dsp_id=310&user_id=13a212f5-c47a-496d-ac05-e0bc26759083&expires=30&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,5,1507470391; lcri5m=!163,5,1507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772456&zoneid=772456&cb=42294080393&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2FjE8W27MaiS25lgb4fjYMgbKDbSjfE8gacFy-pRV8l3QLlrNRD1j-7c07eu6hdVGSQPd9qJQmyk1zBwhV4Yg4kLO0I_NVmVS2r9mY1Xp3ioPFH9RefmGg8U0P9F9kXaB4AtDqswkikKscA1AmQkegGnHTmdDM91tpoAZDbH55hTAAjKIVXUI2GYBW1m73ANK_CsbXT0fvYNV7rdEpzARPKyUbm5erItHrUYwAEb6_7cTt98hw8IvLjmQga3VEDlZUCljrcWw8i9jFiceg4VyILpsZyOjqUcPPza7EbkWPgYQvSTgU583pi1jiqkPhtT8-XxHz0f9fuLFrh1J-4Lo81yTMeypqZRtYQHanMMRNxfKDSp7dxr-znaYlfvfEd7txrDpKjVj36Pq3sA-CqgZt-qKJ2xyuQS4Z8mqiKblZBagUCe58tkpsz4eQMcsru-E6UHM5fNGTGioENn1L1A%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
41aac02e055605c3716ec62a8f549b2bc6f0d0f37cbc7e9364e76e44bf9831be

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1dsewzqYWwWanUDzOyaiE3w%3d%3d
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://shellgam3.com/
Origin
https://shellgam3.com

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1534
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1boIuumnqYVjCaSa3cByQ6PlmjS4DFEdP7n%2bkgSkVVGo%3d; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set jE8W27MaiS25lgb4fjYMgbKDbSjfE8gacFy-pRV8l3QLlrNRD1j-7c07eu6hdVGSQPd9qJQmyk1zBwhV4Yg4kLO0I_NVmVS2r9mY1Xp3ioPFH9RefmGg8U0P9F9kXaB4AtDqswkikKscA1AmQkegGnHTmdDM91tpoAZDbH55hTAAjKIVXUI2GYBW1m73ANK_CsbXT...
s.pubmine.com/passback/EXOUdf-WZSWW4t1_OFOM7JrAWMD-Xq5jDj86YgZgo5DKbr-zKMEF9bFJpILFGRUYYfyiSJwHJfeITsNBlrPg35jO2uIDukU_HF4mOW2SCwswbup5M4Z2QiocJhRYkZxnKZfXicpMVlHSkRfzpMwOD3NE_AE_lXmnhckOZTEPbOifne...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/EXOUdf-WZSWW4t1_OFOM7JrAWMD-Xq5jDj86YgZgo5DKbr-zKMEF9bFJpILFGRUYYfyiSJwHJfeITsNBlrPg35jO2uIDukU_HF4mOW2SCwswbup5M4Z2QiocJhRYkZxnKZfXicpMVlHSkRfzpMwOD3NE_AE_lXmnhckOZTEPbOifneubWlEvit6Zo7cfHuqdWC_2A_f3aPGqQkQJzoszRjrFcd0iI3HXizbQkuBIRuBzmlEB90ZVuLVwK30tsJBjuwy1usT5I8S6dR7qS-gDlhgVGfggE9NjMZo5vyrj7ECt7PFo5NzJwxDqjFCd0p0KEk6mH0q5VqtyGrJnMULIV_niBd9zmwa88rTcbCkwjV_mFgmwjQI6M28ULj2fFNNDXMyNvn5Zogi0TVp00akxvfXEJTPyrSARyBtEOCpsrOsbin36UKcWKyDDQQGqDrRYZ9nEfMUYvIx6YvJN1A/jE8W27MaiS25lgb4fjYMgbKDbSjfE8gacFy-pRV8l3QLlrNRD1j-7c07eu6hdVGSQPd9qJQmyk1zBwhV4Yg4kLO0I_NVmVS2r9mY1Xp3ioPFH9RefmGg8U0P9F9kXaB4AtDqswkikKscA1AmQkegGnHTmdDM91tpoAZDbH55hTAAjKIVXUI2GYBW1m73ANK_CsbXT0fvYNV7rdEpzARPKyUbm5erItHrUYwAEb6_7cTt98hw8IvLjmQga3VEDlZUCljrcWw8i9jFiceg4VyILpsZyOjqUcPPza7EbkWPgYQvSTgU583pi1jiqkPhtT8-XxHz0f9fuLFrh1J-4Lo81yTMeypqZRtYQHanMMRNxfKDSp7dxr-znaYlfvfEd7txrDpKjVj36Pq3sA-CqgZt-qKJ2xyuQS4Z8mqiKblZBagUCe58tkpsz4eQMcsru-E6UHM5fNGTGioENn1L1A?imp_delay=211
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; lcai9h=!43,1,1507470390; lcri5m=!163,1,1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcai9h=!43,2,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcri5m=!163,2,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://pix.impdesk.com/csync/bidswitch?bidswitch_ssp_id=wordpress
  • https://pix.impdesk.com/csync/bidswitch?_cc=1&bidswitch_ssp_id=wordpress
  • https://x.bidswitch.net/sync?dsp_id=25&expires=30&user_id=59da2c3721821b000fa28903&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; lcri5m=!163,6,1507470391; lcai9h=!43,6,1507470391; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772456&zoneid=772456&cb=65924155592&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2Fz0SmPqoHIiLY5_ebWMVL90QJkRs-rTbjrVHQ9OoRlfLcdT55F4byM3IzmTiaGnRUpScklDdddMR4mFzgGuF5oAjjxugaEVdBofwzggVg_NH_TH9JSnT5ix8aikzufHiIFYJwx6jhB8IGCOTl9NfQAaQp9xbryoqK23FlUr_5rkIawWd80vn4UzFSuwGzHzBmhSynZjrCFEG4iSlFywRcZG2Lq3HSaN9xvtqu1Ygc5xP8ZV-7aBbdEkq49K1NRg9vDrOEhC9moXVxh_zFL4jmKGZpJKy2m_ryj6kJE3jtp6lgw-j6aThnONxvg_A8OkcYLPAp-g0TmzmK7wUxLX1Kkyb3Ua_MtwoGCrQaIYqSzcTNNZhoVSZ0Kd85o8spcUh7HYh-ZC78ahRCUfjCGGCXsTzLwGDG1xvUVTpfUB2rA60A3GIdJzuU9irOivNZ8nAc3IO4MNHmwxDXnQSZCA%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a7e78b98e3acb54649733c38e5ef3b8cfa6f14fbd2de2e47e74cf86542ee7288

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1dsewzqYWwWanUDzOyaiE3w%3d%3d
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://shellgam3.com/
Origin
https://shellgam3.com

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1533
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1boIuumnqYVjCaSa3cByQ6PlmjS4DFEdP7n%2bkgSkVVGo%3d; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set z0SmPqoHIiLY5_ebWMVL90QJkRs-rTbjrVHQ9OoRlfLcdT55F4byM3IzmTiaGnRUpScklDdddMR4mFzgGuF5oAjjxugaEVdBofwzggVg_NH_TH9JSnT5ix8aikzufHiIFYJwx6jhB8IGCOTl9NfQAaQp9xbryoqK23FlUr_5rkIawWd80vn4UzFSuwGzHzBmhSynZ...
s.pubmine.com/passback/N96hci6m9aSArUmiy4F9EnbSlucUhSKiKA_gAzFze2n5XQTjbwrRAih08uRAXQ0rbrjj270o0QeRfpjLSc_HX2MpceOMM4Zc24dHy_NV1X0TxLT_5R18y6nj3NipV-nXgBEc1yOkhOp6WRVtWI6tT6KP4YaRDoxhHpqXJYnYsYNw_r...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/N96hci6m9aSArUmiy4F9EnbSlucUhSKiKA_gAzFze2n5XQTjbwrRAih08uRAXQ0rbrjj270o0QeRfpjLSc_HX2MpceOMM4Zc24dHy_NV1X0TxLT_5R18y6nj3NipV-nXgBEc1yOkhOp6WRVtWI6tT6KP4YaRDoxhHpqXJYnYsYNw_rrRDLD21li6fNNnZ2v6_CCokqpRIJbR0fbBNRbyGN9KLbAO7kf__l2IvTuENldyBAA_sW_Hm7Q9ySyQ7Weqyqjt9GYi7UxC-ptQj4MnWffA5iSSIAYTDJ5-HfkqQfin-6TrPEWd6ZtcFKVlqaoF4xj3Ja-lgON9YtkgiySm4iSPXPb1X7aS_mDoBsWEDGqk9PvtSxGJdVcf3tQshIN75yn8PF593bK19emhf9iYLRwPArOevm6_F9y5rofEzLLC8Khg0z4pJm0bK2oqUINFGw3tP0fvT6y3vhoGBw/z0SmPqoHIiLY5_ebWMVL90QJkRs-rTbjrVHQ9OoRlfLcdT55F4byM3IzmTiaGnRUpScklDdddMR4mFzgGuF5oAjjxugaEVdBofwzggVg_NH_TH9JSnT5ix8aikzufHiIFYJwx6jhB8IGCOTl9NfQAaQp9xbryoqK23FlUr_5rkIawWd80vn4UzFSuwGzHzBmhSynZjrCFEG4iSlFywRcZG2Lq3HSaN9xvtqu1Ygc5xP8ZV-7aBbdEkq49K1NRg9vDrOEhC9moXVxh_zFL4jmKGZpJKy2m_ryj6kJE3jtp6lgw-j6aThnONxvg_A8OkcYLPAp-g0TmzmK7wUxLX1Kkyb3Ua_MtwoGCrQaIYqSzcTNNZhoVSZ0Kd85o8spcUh7HYh-ZC78ahRCUfjCGGCXsTzLwGDG1xvUVTpfUB2rA60A3GIdJzuU9irOivNZ8nAc3IO4MNHmwxDXnQSZCA?imp_delay=215
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,2,1507470391; lcri5m=!163,2,1507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcai9h=!43,3,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcri5m=!163,3,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=b3MD8XxQMjZXTlUyMnVZaklQVGF1b3ArOVVnczBPNFcySS9YZnRKNHVzWHRUaGxuMlBuNVNFbEw2d3dEZ2d6aDZOSkh5a0hScU1pS0lzelk1Vkc5OTNleWVDaHk0T2dWbjg2YzBNQ1ZOR3A5R2hZZUxNOUtQZG9ZMzZLazFaMU03ZXpnWkhLdEVGKzRoUUNERCszU3lWNGg2Si9ITi96NEN2QTJMcTRQZEJTOVdFN3RJSUcxRUUwU2g0eG1jZERvM0VrYTY3eWxJdVFsdFpQZkxTZ28xeDc5NGtxZDZaVDV4ZVJoZzFMQUg1cVFacDU3WStqV0dJV1ZPVmY0RmJxOEsvalFOfA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1boIuumnqYVjCaSa3cByQ6PlmjS4DFEdP7n%2bkgSkVVGo%3d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=HNTonXxQMjZXTlUyMnVZaklQVGF1b3ArOVVnczBPNFcySS9YZnRKNHVzWHRUaGxrRW5Zay9ud0VhOWVwZ0EvUFBCeHBtNWtTRjdiUDg0SDVFZVlaZ0lrVmNwSlBQRXc3aWNNNW90QlNGZVovUU1vUW45c2VpNUZYVSt4VlZBWGhpTW1vQU1MVk9oRWJ6ZXo2anpGb2FiajlBU291R2JJeFdrTEw3K2MzQWg4eGVCQlo3bUM1NUsrNTJCUG9odlIzaVowRkptUHVLcTJwd0xVd01SMEZYdXpzUy9VdmwxVXVZeEd2K3Z5RFBBcm9ZUC9HdVVVMzErTXFLT25FL29ISWdZYlozfA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1boIuumnqYVjCaSa3cByQ6PlmjS4DFEdP7n%2bkgSkVVGo%3d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:30 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
c1.adform.net/serving/cookie/match/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=wordpress
0
0

Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772452&zoneid=772452&cb=11150874752&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2F8OurEXoG2wxabdxgYeiTqj1O-hGKuXqIB0ayfPS2MiRCnuxlYyzfGLkzqnpt4oFu8c_4Cfdm9gB0PhrxRYlqBoQFl2V-tpNz2Wv2-KKjZVayd7qYS3W-X7z79NaJAm9URcDjL0sTXEgSY9PfCtJYXJTaBdnEfuUxW8LqrES6NJimkwXKe5osCaK2lpkHRexLm8IbSM-SWE1jTMwtJujr6TAehWRzcdU0ukktreceyeq9QYpTPKjUqdWYFXwWuyeTBY_wmJs99z9Vyh5vRm4rUY-oyirUA4CcVacX6w3gbSHojuh-ZZ5p9yVOEaAqF5izX-4oFVND_IxAB63DWZNBlF8_VApdOT7agzSW9kuSqDLyDtL28YBij0BKl57Evv0UeEiyt8jWbi59GQAqqucTk0DJss8kmCit7J3DgEsvs4KTUeptdgeyjtupWIMhPW_ZeKBc94Yec7odhqnA3g%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
93cfa9599ba1112c9f806cb8eacd803d7b50c069ada7f9222deab25055b74a7b

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1boIuumnqYVjCaSa3cByQ6PlmjS4DFEdP7n%2bkgSkVVGo%3d
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1523
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1hQMWmTfzT0WewbcaBpx0BEMoXus3mPs4XjQXO1iILeDVDeTdB0ENwSl9Mxte6Ihi; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set 8OurEXoG2wxabdxgYeiTqj1O-hGKuXqIB0ayfPS2MiRCnuxlYyzfGLkzqnpt4oFu8c_4Cfdm9gB0PhrxRYlqBoQFl2V-tpNz2Wv2-KKjZVayd7qYS3W-X7z79NaJAm9URcDjL0sTXEgSY9PfCtJYXJTaBdnEfuUxW8LqrES6NJimkwXKe5osCaK2lpkHRexLm8IbS...
s.pubmine.com/passback/jE8W27MaiS25lgb4fjYMgbKDbSjfE8gacFy-pRV8l3QLlrNRD1j-7c07eu6hdVGSQPd9qJQmyk1zBwhV4Yg4kLO0I_NVmVS2r9mY1Xp3ioPFH9RefmGg8U0P9F9kXaB4AtDqswkikKscA1AmQkegGnHTmdDM91tpoAZDbH55hTAAjK...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/jE8W27MaiS25lgb4fjYMgbKDbSjfE8gacFy-pRV8l3QLlrNRD1j-7c07eu6hdVGSQPd9qJQmyk1zBwhV4Yg4kLO0I_NVmVS2r9mY1Xp3ioPFH9RefmGg8U0P9F9kXaB4AtDqswkikKscA1AmQkegGnHTmdDM91tpoAZDbH55hTAAjKIVXUI2GYBW1m73ANK_CsbXT0fvYNV7rdEpzARPKyUbm5erItHrUYwAEb6_7cTt98hw8IvLjmQga3VEDlZUCljrcWw8i9jFiceg4VyILpsZyOjqUcPPza7EbkWPgYQvSTgU583pi1jiqkPhtT8-XxHz0f9fuLFrh1J-4Lo81yTMeypqZRtYQHanMMRNxfKDSp7dxr-znaYlfvfEd7txrDpKjVj36Pq3sA-CqgZt-qKJ2xyuQS4Z8mqiKblZBagUCe58tkpsz4eQMcsru-E6UHM5fNGTGioENn1L1A/8OurEXoG2wxabdxgYeiTqj1O-hGKuXqIB0ayfPS2MiRCnuxlYyzfGLkzqnpt4oFu8c_4Cfdm9gB0PhrxRYlqBoQFl2V-tpNz2Wv2-KKjZVayd7qYS3W-X7z79NaJAm9URcDjL0sTXEgSY9PfCtJYXJTaBdnEfuUxW8LqrES6NJimkwXKe5osCaK2lpkHRexLm8IbSM-SWE1jTMwtJujr6TAehWRzcdU0ukktreceyeq9QYpTPKjUqdWYFXwWuyeTBY_wmJs99z9Vyh5vRm4rUY-oyirUA4CcVacX6w3gbSHojuh-ZZ5p9yVOEaAqF5izX-4oFVND_IxAB63DWZNBlF8_VApdOT7agzSW9kuSqDLyDtL28YBij0BKl57Evv0UeEiyt8jWbi59GQAqqucTk0DJss8kmCit7J3DgEsvs4KTUeptdgeyjtupWIMhPW_ZeKBc94Yec7odhqnA3g?imp_delay=71
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,3,1507470391; lcri5m=!163,3,1507470391
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcai9h=!43,4,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcri5m=!163,4,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=wordpress
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=wordpress
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7911423862854385862&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; lcri5m=!214,2,1507470391!163,6,1507470391; lcai9h=!50,2,1507470391!43,6,1507470391; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772452&zoneid=772452&cb=17758317393&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2Fc2r9XoR3804mJPxVNQWA2Q43fxx8KXgaz-A8aPdqUaDuDpmna1Jbbf3VaSKMlISSLk-Cihdy92dLKCQaLbxPGm8G7P9RK1iGtzlUtr6IKFQHZT1FGr9DO8WINwBlt546QM2HYMGVmQlZZKFmtCSTytYvnqHKO_kuKBYp-oYe-urMttC5w1Orjku4o9nQOnHftrDMwLvx66OGm2dhwAa_1AbnKyiu0Mba3jMSnJbj-R5nvKqHpo7bo3fJnPEtpFCqDvWE8jFNrgp1Tiir0eUfgIL3-wXafQvT9PEk0TlOGGlomM3X0CQXtZiIiWzn1-hxKC04o04jMgk0y6TFwUvEl4OWS9dBmmrZySJ4TSQewSDHE6MXdwzBhoGsCrVKpxE8WGGHNrn5cwsAhEwSroSBVgDQLW0mRDAB_ugo4eH0Kd3CPzJTuWy3LhO2cFLDkPJQljqW-tE5Kw--5X7R9w%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a52d544ec8ade552331e659a7116303f3c60d467a593dadad7e34f039ab0e9a3

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1boIuumnqYVjCaSa3cByQ6PlmjS4DFEdP7n%2bkgSkVVGo%3d
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1532
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1hQMWmTfzT0WewbcaBpx0BNHTuGwFHsZ0PjsWyDrHvPCxv47i0ZxSymh9XCkz2v7I; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set c2r9XoR3804mJPxVNQWA2Q43fxx8KXgaz-A8aPdqUaDuDpmna1Jbbf3VaSKMlISSLk-Cihdy92dLKCQaLbxPGm8G7P9RK1iGtzlUtr6IKFQHZT1FGr9DO8WINwBlt546QM2HYMGVmQlZZKFmtCSTytYvnqHKO_kuKBYp-oYe-urMttC5w1Orjku4o9nQOnHftrDMw...
s.pubmine.com/passback/z0SmPqoHIiLY5_ebWMVL90QJkRs-rTbjrVHQ9OoRlfLcdT55F4byM3IzmTiaGnRUpScklDdddMR4mFzgGuF5oAjjxugaEVdBofwzggVg_NH_TH9JSnT5ix8aikzufHiIFYJwx6jhB8IGCOTl9NfQAaQp9xbryoqK23FlUr_5rkIawW...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/z0SmPqoHIiLY5_ebWMVL90QJkRs-rTbjrVHQ9OoRlfLcdT55F4byM3IzmTiaGnRUpScklDdddMR4mFzgGuF5oAjjxugaEVdBofwzggVg_NH_TH9JSnT5ix8aikzufHiIFYJwx6jhB8IGCOTl9NfQAaQp9xbryoqK23FlUr_5rkIawWd80vn4UzFSuwGzHzBmhSynZjrCFEG4iSlFywRcZG2Lq3HSaN9xvtqu1Ygc5xP8ZV-7aBbdEkq49K1NRg9vDrOEhC9moXVxh_zFL4jmKGZpJKy2m_ryj6kJE3jtp6lgw-j6aThnONxvg_A8OkcYLPAp-g0TmzmK7wUxLX1Kkyb3Ua_MtwoGCrQaIYqSzcTNNZhoVSZ0Kd85o8spcUh7HYh-ZC78ahRCUfjCGGCXsTzLwGDG1xvUVTpfUB2rA60A3GIdJzuU9irOivNZ8nAc3IO4MNHmwxDXnQSZCA/c2r9XoR3804mJPxVNQWA2Q43fxx8KXgaz-A8aPdqUaDuDpmna1Jbbf3VaSKMlISSLk-Cihdy92dLKCQaLbxPGm8G7P9RK1iGtzlUtr6IKFQHZT1FGr9DO8WINwBlt546QM2HYMGVmQlZZKFmtCSTytYvnqHKO_kuKBYp-oYe-urMttC5w1Orjku4o9nQOnHftrDMwLvx66OGm2dhwAa_1AbnKyiu0Mba3jMSnJbj-R5nvKqHpo7bo3fJnPEtpFCqDvWE8jFNrgp1Tiir0eUfgIL3-wXafQvT9PEk0TlOGGlomM3X0CQXtZiIiWzn1-hxKC04o04jMgk0y6TFwUvEl4OWS9dBmmrZySJ4TSQewSDHE6MXdwzBhoGsCrVKpxE8WGGHNrn5cwsAhEwSroSBVgDQLW0mRDAB_ugo4eH0Kd3CPzJTuWy3LhO2cFLDkPJQljqW-tE5Kw--5X7R9w?imp_delay=69
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,4,1507470391; lcri5m=!163,4,1507470391
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcai9h=!43,5,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcri5m=!163,5,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=zhe49Xw1YVlZcGx6bS9hOUgrZmk1bFZEak82a1JPWWJlOUwrODZrUFZjM2V0enVOUXpRaWhnMnlDbnhKa1o0QTR4WFBmM1lwVWVrdk11d1NNb3JhR2VSdnlSbGcwV1BkT1A1TCtnWmFnMDJzMlpYdUpCUlNZMG1QNHIwd0dhK2ZqVU5OdkVrTWMvb1ZodldqVFh2S0t6ZkNObTZiVHd2elY3UnJTN2c0Q25sTS9vUUJNN3Z3VGdVQTFGLzEvZXVZZDlkKzlQaUVSZjlhVW93OE1oMWxvZUF6c3RBeGRKL3BZQndLU202ZW9HOWlMQVJpTDRUV05rM3B3WDRIcDczOW1pSThzfA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1hQMWmTfzT0WewbcaBpx0BEMoXus3mPs4XjQXO1iILeDVDeTdB0ENwSl9Mxte6Ihi
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:30 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=LJMhn3w1YVlZcGx6bS9hOUgrZmk1bFZEak82a1JPWWJlOUwrODZrUFZjM2V0enVQTGFhbDRoUFN5LytpQXZ4eGpnS2d5SmZYZysxTHBuTFlCQmkzaU9YRmZkWWlYT3NyK2dvd1NwTjdiSktxbDdjdHNGQml0cW5EVy9sWkkyTzUrT2s2NHBFdzVuSUpHc2paUDI3aVMrRnRUOTlYVFJIYnNoZnpJMTdsWkhqWVAveVdXRXN5UldEQzErZ3ViTFhCM2xZc3FFb29pdy9hZGk3N0doMS8vTHFSa2o2VE11c0JSWEV3WTJYUnZoOGw5Y0JqRmJqRVRZaW1HMGs2WFlBbGFVcDNwfA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1hQMWmTfzT0WewbcaBpx0BEMoXus3mPs4XjQXO1iILeDVDeTdB0ENwSl9Mxte6Ihi
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772448&zoneid=772448&cb=48459144476&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2FTy9c41beSc_XH_KWyPdNr8ZECLN38-NZrdgC0CXdBhHxuWOV5BYGIsLfJ33-FxowDQWzwmM7DjgZfDg-KeSBJ8py2u0_G_pK5gzNPOPX97AG8ZQdxLKXyGfyhUN4k8WfPWV5MwEfP2m2YERKt8DBcLfoXfmZfLC_4pck9LJRfKlm9QExDs6c45rHVlh1lyqoVb8yFk1sCBN-0-0KDg72a2ZpBFZ8iZ8nKjsRz9Am8Z_b9F3G6mtWSMc5LGHLfVxRxRxw1IIpnt7RZmbcTT709nYDrJOnXJq502fp2ceLrIBG1qwDJw0LJQesXjEKs06G5xjdMgFiuH0_78MvqnerGCiHJs9-XI_ZasjGOpBohe_cGhBJHfUk-gzgO1AMMzmXRYVKkvXqWOrYFsvxuOlD9sUGKhD2rsDZUs_IjS0NjpOXjbUCnQ6e9ZIu6uiJAfkT1t2RNKoD-MEeUWpU9w%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3ca9e330aa19a86fbea89bc3628dd654785569f8541147ab80bb240a8e1cdeba

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1hQMWmTfzT0WewbcaBpx0BEMoXus3mPs4XjQXO1iILeDVDeTdB0ENwSl9Mxte6Ihi
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1535
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1WI9EMDsELHv6%2fId1hZU7BytRQN%2fXF09cp%2bd%2bNtJh2UAOpkd74Sv0ukOpAjqGpni%2b; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set Ty9c41beSc_XH_KWyPdNr8ZECLN38-NZrdgC0CXdBhHxuWOV5BYGIsLfJ33-FxowDQWzwmM7DjgZfDg-KeSBJ8py2u0_G_pK5gzNPOPX97AG8ZQdxLKXyGfyhUN4k8WfPWV5MwEfP2m2YERKt8DBcLfoXfmZfLC_4pck9LJRfKlm9QExDs6c45rHVlh1lyqoVb8yF...
s.pubmine.com/passback/c2r9XoR3804mJPxVNQWA2Q43fxx8KXgaz-A8aPdqUaDuDpmna1Jbbf3VaSKMlISSLk-Cihdy92dLKCQaLbxPGm8G7P9RK1iGtzlUtr6IKFQHZT1FGr9DO8WINwBlt546QM2HYMGVmQlZZKFmtCSTytYvnqHKO_kuKBYp-oYe-urMtt...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/c2r9XoR3804mJPxVNQWA2Q43fxx8KXgaz-A8aPdqUaDuDpmna1Jbbf3VaSKMlISSLk-Cihdy92dLKCQaLbxPGm8G7P9RK1iGtzlUtr6IKFQHZT1FGr9DO8WINwBlt546QM2HYMGVmQlZZKFmtCSTytYvnqHKO_kuKBYp-oYe-urMttC5w1Orjku4o9nQOnHftrDMwLvx66OGm2dhwAa_1AbnKyiu0Mba3jMSnJbj-R5nvKqHpo7bo3fJnPEtpFCqDvWE8jFNrgp1Tiir0eUfgIL3-wXafQvT9PEk0TlOGGlomM3X0CQXtZiIiWzn1-hxKC04o04jMgk0y6TFwUvEl4OWS9dBmmrZySJ4TSQewSDHE6MXdwzBhoGsCrVKpxE8WGGHNrn5cwsAhEwSroSBVgDQLW0mRDAB_ugo4eH0Kd3CPzJTuWy3LhO2cFLDkPJQljqW-tE5Kw--5X7R9w/Ty9c41beSc_XH_KWyPdNr8ZECLN38-NZrdgC0CXdBhHxuWOV5BYGIsLfJ33-FxowDQWzwmM7DjgZfDg-KeSBJ8py2u0_G_pK5gzNPOPX97AG8ZQdxLKXyGfyhUN4k8WfPWV5MwEfP2m2YERKt8DBcLfoXfmZfLC_4pck9LJRfKlm9QExDs6c45rHVlh1lyqoVb8yFk1sCBN-0-0KDg72a2ZpBFZ8iZ8nKjsRz9Am8Z_b9F3G6mtWSMc5LGHLfVxRxRxw1IIpnt7RZmbcTT709nYDrJOnXJq502fp2ceLrIBG1qwDJw0LJQesXjEKs06G5xjdMgFiuH0_78MvqnerGCiHJs9-XI_ZasjGOpBohe_cGhBJHfUk-gzgO1AMMzmXRYVKkvXqWOrYFsvxuOlD9sUGKhD2rsDZUs_IjS0NjpOXjbUCnQ6e9ZIu6uiJAfkT1t2RNKoD-MEeUWpU9w?imp_delay=75
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,5,1507470391; lcri5m=!163,5,1507470391
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcri5m=!163,6,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcai9h=!43,6,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=1c5f968f-c4fc-4b78-a977-abfb3600acd3&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcri5m=!214,1,1507470391!163,6,1507470391; lcai9h=!50,1,1507470391!43,6,1507470391
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772448&zoneid=772448&cb=11660283239&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2Fqk-X7AI3VRQPK7qvVfVDhidoh9o4iwy7i677QYCyZ-CUj13Tm3VxNshoerVA_I6AY8wVAoLUBH84seEXdCUYzCgOpwk5u2I7OZgjnH-nbnQ0T4-CZ490P7wWbnzs5EgUg3DYHFro3YBQaBBP7ZfTA1ima_lwdS8DyQb_i8lCeNmz14vy-ut6GQw5mAIlnFNEcRerU74JARl4hkCknGnTSETI8vZMOvo1ncP-TCFQo8zoOChvfiKU1_G8eZGS5fqPG8pFq7Wk1WKxU3UYwAIuZkkpHkNj8BFAb54hQyqBPR5LFW386oLvbr7d_BawJA8naWPfXYSh6y0DelrXA6XGFwbpDidzlDVfV9kiNTfYuhrT5-YKGwqMHch_-hmKndNBW7svOtG-YznDUixvvQSzxPSXj7-d534sJ4rJtE3_MKOSTX0PnexgnuOzfnQa_rk-VUMWBz84cH1wpfNxhg%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5772669ecc33a0eebd8b58e050c89cf44e8bfbe3d1575c4aeec0b05a62612b7d

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1hQMWmTfzT0WewbcaBpx0BEMoXus3mPs4XjQXO1iILeDVDeTdB0ENwSl9Mxte6Ihi
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1522
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1WI9EMDsELHv6%2fId1hZU7BytRQN%2fXF09cp%2bd%2bNtJh2UCWm3Ma4%2fWGxJ2nHH8xedVc; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set qk-X7AI3VRQPK7qvVfVDhidoh9o4iwy7i677QYCyZ-CUj13Tm3VxNshoerVA_I6AY8wVAoLUBH84seEXdCUYzCgOpwk5u2I7OZgjnH-nbnQ0T4-CZ490P7wWbnzs5EgUg3DYHFro3YBQaBBP7ZfTA1ima_lwdS8DyQb_i8lCeNmz14vy-ut6GQw5mAIlnFNEcRerU...
s.pubmine.com/passback/8OurEXoG2wxabdxgYeiTqj1O-hGKuXqIB0ayfPS2MiRCnuxlYyzfGLkzqnpt4oFu8c_4Cfdm9gB0PhrxRYlqBoQFl2V-tpNz2Wv2-KKjZVayd7qYS3W-X7z79NaJAm9URcDjL0sTXEgSY9PfCtJYXJTaBdnEfuUxW8LqrES6NJimkw...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/8OurEXoG2wxabdxgYeiTqj1O-hGKuXqIB0ayfPS2MiRCnuxlYyzfGLkzqnpt4oFu8c_4Cfdm9gB0PhrxRYlqBoQFl2V-tpNz2Wv2-KKjZVayd7qYS3W-X7z79NaJAm9URcDjL0sTXEgSY9PfCtJYXJTaBdnEfuUxW8LqrES6NJimkwXKe5osCaK2lpkHRexLm8IbSM-SWE1jTMwtJujr6TAehWRzcdU0ukktreceyeq9QYpTPKjUqdWYFXwWuyeTBY_wmJs99z9Vyh5vRm4rUY-oyirUA4CcVacX6w3gbSHojuh-ZZ5p9yVOEaAqF5izX-4oFVND_IxAB63DWZNBlF8_VApdOT7agzSW9kuSqDLyDtL28YBij0BKl57Evv0UeEiyt8jWbi59GQAqqucTk0DJss8kmCit7J3DgEsvs4KTUeptdgeyjtupWIMhPW_ZeKBc94Yec7odhqnA3g/qk-X7AI3VRQPK7qvVfVDhidoh9o4iwy7i677QYCyZ-CUj13Tm3VxNshoerVA_I6AY8wVAoLUBH84seEXdCUYzCgOpwk5u2I7OZgjnH-nbnQ0T4-CZ490P7wWbnzs5EgUg3DYHFro3YBQaBBP7ZfTA1ima_lwdS8DyQb_i8lCeNmz14vy-ut6GQw5mAIlnFNEcRerU74JARl4hkCknGnTSETI8vZMOvo1ncP-TCFQo8zoOChvfiKU1_G8eZGS5fqPG8pFq7Wk1WKxU3UYwAIuZkkpHkNj8BFAb54hQyqBPR5LFW386oLvbr7d_BawJA8naWPfXYSh6y0DelrXA6XGFwbpDidzlDVfV9kiNTfYuhrT5-YKGwqMHch_-hmKndNBW7svOtG-YznDUixvvQSzxPSXj7-d534sJ4rJtE3_MKOSTX0PnexgnuOzfnQa_rk-VUMWBz84cH1wpfNxhg?imp_delay=81
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; lcri5m=!163,6,1507470391; lcai9h=!43,6,1507470391; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcai9h=!43,2,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcri5m=!163,2,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=0KBylXxSemNMalRmeTNyWm41R2pHU0JUamoydWIvUUhrRnkzMFRseHNDSHcxUzZwMnRvN0xzOEJmK2kwTGU5aW9YRG8zeDFjUnFrYlMyWlhMSm9WcGkwUkhVSXZGOWpnSlZQWnB0WTc4SUFYK1NjVFdVbzV3Y0RKMGJ3ZWVYTUJBZXZ2UXMydUhVUENVQ2lLaEM4SEErcXhXZnpEV1lnRkIzSGtJYlE4cFFPb1o5RXVQNmdYVUIzMUM1NW53emdZazF4azA5VCtxN2o1RnE0cEFNWGVZZ1oyV25VT3o0cTdhYnhIRVZIZHQ4ZHJFbzBXcXdpZjJmSDA1azYvb2lxb1VvUkxZfA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1WI9EMDsELHv6%2fId1hZU7BytRQN%2fXF09cp%2bd%2bNtJh2UCWm3Ma4%2fWGxJ2nHH8xedVc
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=g%2B9uBnxSemNMalRmeTNyWm41R2pHU0JUamoydWIvUUhrRnkzMFRseHNDSHcxUzZyQ3ltcUxxT2w5dW1HUmoybG5FWGlmd1MvSVg5elhYNXZ0dEMwR1JKRU9ZN3V0Tllyc3VpeE1MaHNHL2tYckxqS1FrcXFHMHdRbjNMN1V1VllmMS9KYll0SzRrOEtQYnZPemRkdjBXUi9qbUFOVTBrS1haOUFuNjl1TWI1WGNlODN4Y1EzU0RPZmcyUjhWNmJyM1ZKbjloS2V3SDArUFhDY21rY0t1anRReHA3T1JXeVhucjZMWGoybit3ZVJUdnkrVzJ1T2JER01mamhQRUVRVitiSjAyfA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1WI9EMDsELHv6%2fId1hZU7BytRQN%2fXF09cp%2bd%2bNtJh2UCWm3Ma4%2fWGxJ2nHH8xedVc
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=wordpress
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=639863001597420005&expires=30&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcri5m=!214,1,1507470391!163,6,1507470391; lcai9h=!50,1,1507470391!43,6,1507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772445&zoneid=772445&cb=13983990780&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2Fc39By2YTdlWIZF44x6VYBOEZyIeWm-JFx6TdLpHkccYHOkc0smx_xQbvL-C4yNrflvly2gqsyzPHEoXHZmmGddTtciHJ3w7pSkYZ5meUBtFkUxM17_8qzTBO-L1bkcpMtMfvEUlVHBrKvXqUqdtMyV-XgbrAOq3ep0kuar6uSyxkZ3XuCZA-4L3zdD_m7Ae5oPAA9V47vXQrv_AxQEUMgy5AXzl9qdSyyKNDcpXq9YVVSWiMvSS8uDQaXjC2JeOgvTle2ZqXvj5_7WwLqeFKWkWCvZ7EfBLDBtVeE_KKPzaOs8ifFKlGWqABAagyDaED2re8J9_liisfLw1iDVtCnSloDrrw_FIVt70nO-vSOnwhKQT4yi7YF7flaWN52Vzcdv4kObM-ZjY3yifdZJxhtzyoT7SED2MTfr4SE_fBv6StsF4Gj1cLzQ9mYv4SWCgvhQ8-W45UcE49GskveA%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6c18785829b836fc1afefe1fa65e9034d1d2b52867a75cc41675355459f911b2

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1WI9EMDsELHv6%2fId1hZU7BytRQN%2fXF09cp%2bd%2bNtJh2UCWm3Ma4%2fWGxJ2nHH8xedVc
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://shellgam3.com/
Origin
https://shellgam3.com

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1529
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1tCzIYVyWm5zVAQ%2bHkPCUePE4FAfDSDSNfN668xZsDUpgdOdfhi6TPpvmUP77dhZzn3n9JSwEishc28kgNlK7Jg%3d%3d; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set c39By2YTdlWIZF44x6VYBOEZyIeWm-JFx6TdLpHkccYHOkc0smx_xQbvL-C4yNrflvly2gqsyzPHEoXHZmmGddTtciHJ3w7pSkYZ5meUBtFkUxM17_8qzTBO-L1bkcpMtMfvEUlVHBrKvXqUqdtMyV-XgbrAOq3ep0kuar6uSyxkZ3XuCZA-4L3zdD_m7Ae5oPAA9...
s.pubmine.com/passback/Ty9c41beSc_XH_KWyPdNr8ZECLN38-NZrdgC0CXdBhHxuWOV5BYGIsLfJ33-FxowDQWzwmM7DjgZfDg-KeSBJ8py2u0_G_pK5gzNPOPX97AG8ZQdxLKXyGfyhUN4k8WfPWV5MwEfP2m2YERKt8DBcLfoXfmZfLC_4pck9LJRfKlm9Q...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/Ty9c41beSc_XH_KWyPdNr8ZECLN38-NZrdgC0CXdBhHxuWOV5BYGIsLfJ33-FxowDQWzwmM7DjgZfDg-KeSBJ8py2u0_G_pK5gzNPOPX97AG8ZQdxLKXyGfyhUN4k8WfPWV5MwEfP2m2YERKt8DBcLfoXfmZfLC_4pck9LJRfKlm9QExDs6c45rHVlh1lyqoVb8yFk1sCBN-0-0KDg72a2ZpBFZ8iZ8nKjsRz9Am8Z_b9F3G6mtWSMc5LGHLfVxRxRxw1IIpnt7RZmbcTT709nYDrJOnXJq502fp2ceLrIBG1qwDJw0LJQesXjEKs06G5xjdMgFiuH0_78MvqnerGCiHJs9-XI_ZasjGOpBohe_cGhBJHfUk-gzgO1AMMzmXRYVKkvXqWOrYFsvxuOlD9sUGKhD2rsDZUs_IjS0NjpOXjbUCnQ6e9ZIu6uiJAfkT1t2RNKoD-MEeUWpU9w/c39By2YTdlWIZF44x6VYBOEZyIeWm-JFx6TdLpHkccYHOkc0smx_xQbvL-C4yNrflvly2gqsyzPHEoXHZmmGddTtciHJ3w7pSkYZ5meUBtFkUxM17_8qzTBO-L1bkcpMtMfvEUlVHBrKvXqUqdtMyV-XgbrAOq3ep0kuar6uSyxkZ3XuCZA-4L3zdD_m7Ae5oPAA9V47vXQrv_AxQEUMgy5AXzl9qdSyyKNDcpXq9YVVSWiMvSS8uDQaXjC2JeOgvTle2ZqXvj5_7WwLqeFKWkWCvZ7EfBLDBtVeE_KKPzaOs8ifFKlGWqABAagyDaED2re8J9_liisfLw1iDVtCnSloDrrw_FIVt70nO-vSOnwhKQT4yi7YF7flaWN52Vzcdv4kObM-ZjY3yifdZJxhtzyoT7SED2MTfr4SE_fBv6StsF4Gj1cLzQ9mYv4SWCgvhQ8-W45UcE49GskveA?imp_delay=71
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,2,1507470391; lcri5m=!163,2,1507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcai9h=!43,3,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcri5m=!163,3,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://ws1.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcri5m=!214,1,1507470391!163,6,1507470391; lcai9h=!50,1,1507470391!43,6,1507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set ajs.php
cas.criteo.com/delivery/ Frame 5174
3 KB
1 KB
XHR
General
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=27&containerid=crt-772445&zoneid=772445&cb=81517228048&nodis=1&charset=UTF-8&wpdt0=https%3A%2F%2Fs.pubmine.com%2Fimp_pixel%2FHrzfJezZq6NYheaWm0Zvrk46IcJmreE2PikVV1y3mUdqwwvfvDb5qVme0lZY30MOQ_jfXeNats9BHKH5ctf-EnGmEimAH33BhEzg-45HL0zaOEwmRzse0nAYi3VqoL6mv3JVQ3wGgiamuyd0BU55V-DoH_3XN40tIvYh_lZAFZMBYdHsyiHKcPuqi8axPgRlC2xtm7IhLPrsQxs3EqErLOuRzcZTjgPu2TuwOhu-HZ23HZeabeBdgstexu2GlpLlzQtZ58aUUQRwAsJgc2IrLHtb8LXuCdwBnPCYB_8NxGvWc5Pm22cvJgfwYB6ynZK1_F03yhzEQaKRgC6JdsrGs60R5SXiHwWb3__5FRjaDjz7HUQ-P9jAahbj1f78CgxwbOZzhthGC6-sGYNA4IFKEKxs4VzkBwwKdh76VW2VF6Abl4a2WreDrLPpZ18CcK0zrannSZ8husg2h2nzVg%2F&dc=1&atfr=0&loc=https%3A%2F%2Fshellgam3.com%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
cas.criteo.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c437c4d58601a8edcee08a9871183395c11d27b8f477ad238a089d4d6941beeb

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
cas.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1WI9EMDsELHv6%2fId1hZU7BytRQN%2fXF09cp%2bd%2bNtJh2UCWm3Ma4%2fWGxJ2nHH8xedVc
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://shellgam3.com/
Origin
https://shellgam3.com

Response headers

Date
Sun, 08 Oct 2017 13:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
P3P
CP='CUR ADM OUR NOR STA NID'
Content-Length
1519
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://shellgam3.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
zdi=*1tCzIYVyWm5zVAQ%2bHkPCUePE4FAfDSDSNfN668xZsDUrDsYaV8JGfiDa6m4QvF%2fmJ8R9CLmKpJyXT7mIIwZaNTQ%3d%3d; domain=.criteo.com; expires=Sun, 08-Apr-2018 13:46:31 GMT; path=/
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set HrzfJezZq6NYheaWm0Zvrk46IcJmreE2PikVV1y3mUdqwwvfvDb5qVme0lZY30MOQ_jfXeNats9BHKH5ctf-EnGmEimAH33BhEzg-45HL0zaOEwmRzse0nAYi3VqoL6mv3JVQ3wGgiamuyd0BU55V-DoH_3XN40tIvYh_lZAFZMBYdHsyiHKcPuqi8axPgRlC2xtm...
s.pubmine.com/passback/qk-X7AI3VRQPK7qvVfVDhidoh9o4iwy7i677QYCyZ-CUj13Tm3VxNshoerVA_I6AY8wVAoLUBH84seEXdCUYzCgOpwk5u2I7OZgjnH-nbnQ0T4-CZ490P7wWbnzs5EgUg3DYHFro3YBQaBBP7ZfTA1ima_lwdS8DyQb_i8lCeNmz14...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/qk-X7AI3VRQPK7qvVfVDhidoh9o4iwy7i677QYCyZ-CUj13Tm3VxNshoerVA_I6AY8wVAoLUBH84seEXdCUYzCgOpwk5u2I7OZgjnH-nbnQ0T4-CZ490P7wWbnzs5EgUg3DYHFro3YBQaBBP7ZfTA1ima_lwdS8DyQb_i8lCeNmz14vy-ut6GQw5mAIlnFNEcRerU74JARl4hkCknGnTSETI8vZMOvo1ncP-TCFQo8zoOChvfiKU1_G8eZGS5fqPG8pFq7Wk1WKxU3UYwAIuZkkpHkNj8BFAb54hQyqBPR5LFW386oLvbr7d_BawJA8naWPfXYSh6y0DelrXA6XGFwbpDidzlDVfV9kiNTfYuhrT5-YKGwqMHch_-hmKndNBW7svOtG-YznDUixvvQSzxPSXj7-d534sJ4rJtE3_MKOSTX0PnexgnuOzfnQa_rk-VUMWBz84cH1wpfNxhg/HrzfJezZq6NYheaWm0Zvrk46IcJmreE2PikVV1y3mUdqwwvfvDb5qVme0lZY30MOQ_jfXeNats9BHKH5ctf-EnGmEimAH33BhEzg-45HL0zaOEwmRzse0nAYi3VqoL6mv3JVQ3wGgiamuyd0BU55V-DoH_3XN40tIvYh_lZAFZMBYdHsyiHKcPuqi8axPgRlC2xtm7IhLPrsQxs3EqErLOuRzcZTjgPu2TuwOhu-HZ23HZeabeBdgstexu2GlpLlzQtZ58aUUQRwAsJgc2IrLHtb8LXuCdwBnPCYB_8NxGvWc5Pm22cvJgfwYB6ynZK1_F03yhzEQaKRgC6JdsrGs60R5SXiHwWb3__5FRjaDjz7HUQ-P9jAahbj1f78CgxwbOZzhthGC6-sGYNA4IFKEKxs4VzkBwwKdh76VW2VF6Abl4a2WreDrLPpZ18CcK0zrannSZ8husg2h2nzVg?imp_delay=70
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.49.211 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
211.49.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,3,1507470391; lcri5m=!163,3,1507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcai9h=!43,4,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcri5m=!163,4,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link
t.skimresources.com/api/
22 B
22 B
XHR
General
Full URL
https://t.skimresources.com/api/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.210.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-251-210-91.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
t.skimresources.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://shellgam3.com/
Connection
keep-alive
Content-Length
2130
Referer
https://shellgam3.com/
Origin
https://shellgam3.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.10.2
Access-Control-Allow-Methods
GET, POST
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Content-Length
22
track.php
t.skimresources.com/api/
22 B
22 B
XHR
General
Full URL
https://t.skimresources.com/api/track.php
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.210.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-251-210-91.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Origin
https://shellgam3.com
Accept-Encoding
gzip, deflate
Host
t.skimresources.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://shellgam3.com/
Connection
keep-alive
Content-Length
578
Referer
https://shellgam3.com/
Origin
https://shellgam3.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.10.2
Access-Control-Allow-Methods
GET, POST
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Content-Length
22
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=toxn9nx2cWp3WG8rS2ZYazhzM0xrZUVYR2dJNXJ1ZGxhRnNuU2RMeVJlYVFtd2diNDA5c1BScEkvMitNb2dzaWNDRVZSbDBMSTRvT2poeTRZRHpWbCs1Vm8wUEY4dTBqeFNNSU1FdEZib215cDFPNDlEZGVkcEhCbHgvcDhXU1lqdDBGY2MrZjZlZ1lvN2xLYmFlUkhGK1dELzUwem1VVDhEUHUzUGtPSG5jbGhuVnk3OTlHek95QVNjYWhlMkZ5c2lRaUxyNlNCOUpHYjRKSkptaVFic1Z4TkQ3cGVFdGYwMGxtdXkvT0xIb3ArNndXZldabm5jODVsSEZxenlndXFwOG1ifA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1tCzIYVyWm5zVAQ%2bHkPCUePE4FAfDSDSNfN668xZsDUrDsYaV8JGfiDa6m4QvF%2fmJ8R9CLmKpJyXT7mIIwZaNTQ%3d%3d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback.html
s.pubmine.com/ Frame 5174
0
0

lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5174
43 B
43 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=dxBDznx2cWp3WG8rS2ZYazhzM0xrZUVYR2dJNXJ1ZGxhRnNuU2RMeVJlYVFtd2daT1lFcWY1Nk44Q1FWOEF1VytqMlI2eTRzdjdGSmdtV3QyY2F2UUI3S1MrdU5FL0N5c0Jwc011MlRMR2FjSWF0UzEyZUZBZm13RnhpRkY2L3Z6bUJvbGdvYk5QTG5oWERCQkVNMExKUTM4clc0bllXNDgrZGZJVVFIeUVRTGZXVXNwcDJOSG0wT2JWZzdMSzJCQld2ODJTSnNpVm8xN05yeWtPeVJxdC83cmJPKzU3UmxuVTVMSlJGMWNNN3IwVmV3MmxwZ0tmVW1uZVljeUhYQlBRaE1SfA%3D%3D
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.2.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cat.nl.eu.criteo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
uid=447ece62-2227-48a8-8336-247757000e1e; zdi=*1tCzIYVyWm5zVAQ%2bHkPCUePE4FAfDSDSNfN668xZsDUpgdOdfhi6TPpvmUP77dhZzn3n9JSwEishc28kgNlK7Jg%3d%3d
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set sat.js
delivery.g.switchadhub.com/adserver/ Frame 5174
68 KB
35 KB
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/sat.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.148 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-148.swtch.io
Software
nginx/1.10.1 /
Resource Hash
3c3f4e09b96ac4d467ded5bd94a4c4b5e360b582a6ffb27c34a83a572115d05b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Set-Cookie
SERVERID=delivery-009.g.switchadhub.com; path=/
Cache-control
private
Connection
close
Expires
Mon, 09 Oct 2017 13:46:31 GMT
Cookie set Sz065rwffLfedPreEWUOik0jn1AOeXhhqCcyYXizBnqw6ak6E1s2EVYH0Dx0i72Cr177uZjoMmzS5RqaD2PQUwiTlymChGUnhlmH8RHSy_c4TfXHk0K9x_ZQXkhljL8w5TA8HZ_1dCMrNdxLLJYsGKAEGDAtFogHW2QFCDhveALZ6Ti_YQRlO2G2YG65xL8taXrSv...
s.pubmine.com/passback/HrzfJezZq6NYheaWm0Zvrk46IcJmreE2PikVV1y3mUdqwwvfvDb5qVme0lZY30MOQ_jfXeNats9BHKH5ctf-EnGmEimAH33BhEzg-45HL0zaOEwmRzse0nAYi3VqoL6mv3JVQ3wGgiamuyd0BU55V-DoH_3XN40tIvYh_lZAFZMBYd...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/HrzfJezZq6NYheaWm0Zvrk46IcJmreE2PikVV1y3mUdqwwvfvDb5qVme0lZY30MOQ_jfXeNats9BHKH5ctf-EnGmEimAH33BhEzg-45HL0zaOEwmRzse0nAYi3VqoL6mv3JVQ3wGgiamuyd0BU55V-DoH_3XN40tIvYh_lZAFZMBYdHsyiHKcPuqi8axPgRlC2xtm7IhLPrsQxs3EqErLOuRzcZTjgPu2TuwOhu-HZ23HZeabeBdgstexu2GlpLlzQtZ58aUUQRwAsJgc2IrLHtb8LXuCdwBnPCYB_8NxGvWc5Pm22cvJgfwYB6ynZK1_F03yhzEQaKRgC6JdsrGs60R5SXiHwWb3__5FRjaDjz7HUQ-P9jAahbj1f78CgxwbOZzhthGC6-sGYNA4IFKEKxs4VzkBwwKdh76VW2VF6Abl4a2WreDrLPpZ18CcK0zrannSZ8husg2h2nzVg/Sz065rwffLfedPreEWUOik0jn1AOeXhhqCcyYXizBnqw6ak6E1s2EVYH0Dx0i72Cr177uZjoMmzS5RqaD2PQUwiTlymChGUnhlmH8RHSy_c4TfXHk0K9x_ZQXkhljL8w5TA8HZ_1dCMrNdxLLJYsGKAEGDAtFogHW2QFCDhveALZ6Ti_YQRlO2G2YG65xL8taXrSvFj8I3grTOWoDd-_HcmCNYaOY-2A18_p0rQEnAtMJ4J8HhzI0jfnbnCud-F-MOHROEkRdc_Ho3--DCxKZrtOIS0vg80bmNyEMPvwXtM6K982c1k5kkgm3wNQOUFaLtpdPgc4-H6Rcw9Ne-QBi3V0JTbkV_Sgk4YIF-2AtofoCaPmCgTvxi_7ASxuCcF0uWS3bYs3wCrGn7SvjKkG_164rB0UtlFUNx_D-MylMxMWAaQG0F9axt8mWDvtHW3Rmsouvu0rLCSMQDpLAA?imp_delay=70
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcai9h=!43,4,1507470391; lcri5m=!163,4,1507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcri5m=!214,1,1507470391!163,6,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
lcai9h=!50,1,1507470391!43,6,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set sat.js
delivery.g.switchadhub.com/adserver/ Frame 5174
68 KB
35 KB
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/sat.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.126 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-126.swtch.io
Software
nginx/1.10.1 /
Resource Hash
3c3f4e09b96ac4d467ded5bd94a4c4b5e360b582a6ffb27c34a83a572115d05b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Set-Cookie
SERVERID=delivery-009.g.switchadhub.com; path=/
Cache-control
private
Connection
close
Expires
Mon, 09 Oct 2017 13:46:31 GMT
Cookie set match
s.pubmine.com/ Frame 5174
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dwordpress
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=ralxRZsu1E1bUz5&expires=30&ssp=wordpress
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; lcri5m=!214,2,1507470391!163,6,1507470391; lcai9h=!50,2,1507470391!43,6,1507470391; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=425417ec-954c-4c07-9ce4-5b0b5f48b99c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set baxhBgbRR3ungO4O7ISUthT9SEpW5yGAj8FGRlvy0CdEg7zJmhvbnP-N94fTuEj2T6B2Au4OeIyvhFuTXBt_-nNou_UTqgV9Ckm1p3lyNrwwbQTBqwmLXNimVtT_63urmYz2JaMiEhkNCEiwyidf2UeKxCkhrgMGhXUahpl-DGtaISRwOKARKxvE31wyWD-j1VkSl...
s.pubmine.com/passback/c39By2YTdlWIZF44x6VYBOEZyIeWm-JFx6TdLpHkccYHOkc0smx_xQbvL-C4yNrflvly2gqsyzPHEoXHZmmGddTtciHJ3w7pSkYZ5meUBtFkUxM17_8qzTBO-L1bkcpMtMfvEUlVHBrKvXqUqdtMyV-XgbrAOq3ep0kuar6uSyxkZ3...
43 B
62 B
Image
General
Full URL
https://s.pubmine.com/passback/c39By2YTdlWIZF44x6VYBOEZyIeWm-JFx6TdLpHkccYHOkc0smx_xQbvL-C4yNrflvly2gqsyzPHEoXHZmmGddTtciHJ3w7pSkYZ5meUBtFkUxM17_8qzTBO-L1bkcpMtMfvEUlVHBrKvXqUqdtMyV-XgbrAOq3ep0kuar6uSyxkZ3XuCZA-4L3zdD_m7Ae5oPAA9V47vXQrv_AxQEUMgy5AXzl9qdSyyKNDcpXq9YVVSWiMvSS8uDQaXjC2JeOgvTle2ZqXvj5_7WwLqeFKWkWCvZ7EfBLDBtVeE_KKPzaOs8ifFKlGWqABAagyDaED2re8J9_liisfLw1iDVtCnSloDrrw_FIVt70nO-vSOnwhKQT4yi7YF7flaWN52Vzcdv4kObM-ZjY3yifdZJxhtzyoT7SED2MTfr4SE_fBv6StsF4Gj1cLzQ9mYv4SWCgvhQ8-W45UcE49GskveA/baxhBgbRR3ungO4O7ISUthT9SEpW5yGAj8FGRlvy0CdEg7zJmhvbnP-N94fTuEj2T6B2Au4OeIyvhFuTXBt_-nNou_UTqgV9Ckm1p3lyNrwwbQTBqwmLXNimVtT_63urmYz2JaMiEhkNCEiwyidf2UeKxCkhrgMGhXUahpl-DGtaISRwOKARKxvE31wyWD-j1VkSlubQSZgn8u-D5CghNjtU1MVZbSkDzGiscR2l0R3KGLrJrskC2MUW_8lYvArEuDQ0GrjyyXOpXEYXIwA_9hRiwjbRhEiSQ5XtT9Ge7SzqzN2JqNDNM1U9XLTREmTVb-X-kivPwV6xDSchSkxVRfSBNw_od7Nx7JOF5YHUVTJxIPDQ961PNWVEVV4afLwf5SKTc_LN_Uhqy2Vss2bbRZjmOi898OTs56d-3a-I0Rel8jxGyRilJunj6baPL-fIPTl4qvVEc0xuvHHuXg?imp_delay=88
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.187.37.134 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
134.37.187.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.pubmine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Cookie
tuuid=da8ddd46-4697-4eeb-a924-53101a989163; tuuid_last_update=1507470390; ar1d=!0,1,1507470390; us=!14,308249191; rum=!1,425417ec-954c-4c07-9ce4-5b0b5f48b99c,276713191; lcri5m=!214,1,1507470391!163,6,1507470391; lcai9h=!50,1,1507470391!43,6,1507470391
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
lcri5m=!214,2,1507470391!163,6,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT lcai9h=!50,2,1507470391!43,6,1507470391; path=/; expires=Tue, 08-Oct-2019 13:46:31 GMT
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1f643.png
abs.twimg.com/emoji/v2/72x72/ Frame 5174
918 B
927 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f643.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4188) /
Resource Hash
19fae5f2db47b8b3ebeac86e05fd1f9e88cf9a47d035987739c5e4968fc5fad6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/emoji/v2/72x72/1f643.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abs.twimg.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
x-ton-expected-size
918
x-cache
HIT
status
200
content-length
918
x-response-time
122
surrogate-key
twitter-assets
last-modified
Mon, 31 Jul 2017 16:38:43 GMT
server
ECS (fcn/4188)
etag
"+kRNVgtToc0SGX8vBO4CPQ=="
content-type
image/png
access-control-allow-origin
*
x-connection-hash
d12c56010a5d65754e47077eaad7af5c
accept-ranges
bytes
expires
Mon, 08 Oct 2018 13:46:31 GMT
1f31f.png
abs.twimg.com/emoji/v2/72x72/ Frame 5174
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f31f.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41B9) /
Resource Hash
6797fa92908bbdf799cbeac5076b9265e81fca8c2b8c55c8b63330663d8abfbf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/emoji/v2/72x72/1f31f.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abs.twimg.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
x-ton-expected-size
1084
x-cache
HIT
status
200
content-length
1084
x-response-time
118
surrogate-key
twitter-assets
last-modified
Mon, 31 Jul 2017 16:38:32 GMT
server
ECS (fcn/41B9)
etag
"03c73906u19KhIVlNxk2zw=="
content-type
image/png
access-control-allow-origin
*
x-connection-hash
14278c8d491352245206279301b63985
accept-ranges
bytes
expires
Mon, 08 Oct 2018 13:46:31 GMT
fcosDj0T
pbs.twimg.com/card_img/912514515572609025/ Frame 5174
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/912514515572609025/fcosDj0T?format=jpg&name=144x144_2
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40FD) /
Resource Hash
60a313ffd9bd870c45e08eb1c3dd0d69627f0bf258bb6e5a1c341957475de3c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/card_img/912514515572609025/fcosDj0T?format=jpg&name=144x144_2
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
135
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
card_img card_img/bucket/3 card_img/912514515572609025
last-modified
Tue, 26 Sep 2017 03:07:48 GMT
server
ECS (fcn/40FD)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
fa3b142fd33c4d58a9977fa53e5d46de
accept-ranges
bytes
content-length
5234
6qArO7J0
pbs.twimg.com/card_img/914325606988374017/ Frame 5174
13 KB
13 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/914325606988374017/6qArO7J0?format=png&name=144x144_2
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D4) /
Resource Hash
df7ce2ce7da48fd042e9be2729062daeb67c7daff2616d3d7667ef72affd3440
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/card_img/914325606988374017/6qArO7J0?format=png&name=144x144_2
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
167
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
card_img card_img/bucket/1 card_img/914325606988374017
last-modified
Sun, 01 Oct 2017 03:04:26 GMT
server
ECS (fcn/40D4)
status
200
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
584ae0f5def008ea683d3dbe1ba86d21
accept-ranges
bytes
content-length
13533
Q2iAGAxZ
pbs.twimg.com/card_img/916766995680555009/ Frame 5174
39 KB
39 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/916766995680555009/Q2iAGAxZ?format=jpg&name=600x314
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41B1) /
Resource Hash
abff8ff6f9e2c392c348061487b12170d514e22b945971c3142e33c575004d78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/card_img/916766995680555009/Q2iAGAxZ?format=jpg&name=600x314
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
166
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
card_img card_img/bucket/2 card_img/916766995680555009
last-modified
Sat, 07 Oct 2017 20:45:39 GMT
server
ECS (fcn/41B1)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1325a8e6a80784cd027e4bf4a664b36f
accept-ranges
bytes
content-length
39470
8SDu6Ods
pbs.twimg.com/card_img/914773373686820865/ Frame 5174
16 KB
16 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/914773373686820865/8SDu6Ods?format=jpg&name=600x314
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418C) /
Resource Hash
d0e19dcc5c50a2c61ebf52fae68dd026ac3a847d8efb43165063d70afbf553bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/card_img/914773373686820865/8SDu6Ods?format=jpg&name=600x314
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
154
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
card_img card_img/bucket/1 card_img/914773373686820865
last-modified
Mon, 02 Oct 2017 08:43:42 GMT
server
ECS (fcn/418C)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
e84e6135d4f5d9a2a2db6829565442ec
accept-ranges
bytes
content-length
16178
1f525.png
abs.twimg.com/emoji/v2/72x72/ Frame 5174
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f525.png
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D1) /
Resource Hash
3e02ae015d219946d503c08ea30190593b0b6e6c2746e1479a4dd265edbc4568
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/emoji/v2/72x72/1f525.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abs.twimg.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
x-ton-expected-size
1118
x-cache
HIT
status
200
content-length
1118
x-response-time
107
surrogate-key
twitter-assets
last-modified
Mon, 31 Jul 2017 16:38:41 GMT
server
ECS (fcn/40D1)
etag
"QQyVNwOskMSP2HRbYmRc2Q=="
content-type
image/png
access-control-allow-origin
*
x-connection-hash
6972f85c1f92e13cfccc510ac363b8bb
accept-ranges
bytes
expires
Mon, 08 Oct 2018 13:46:31 GMT
g294S_bR
pbs.twimg.com/card_img/915367045050576896/ Frame 5174
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/915367045050576896/g294S_bR?format=jpg&name=144x144_2
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AB) /
Resource Hash
5f9be6b06f2bb5dd291ce5c1128d6d208b261927605f75abfdd23f011f389442
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/card_img/915367045050576896/g294S_bR?format=jpg&name=144x144_2
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
134
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
card_img card_img/bucket/6 card_img/915367045050576896
last-modified
Wed, 04 Oct 2017 00:02:44 GMT
server
ECS (fcn/41AB)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
69f85e9c4460ed6f7d6cd4f88274e693
accept-ranges
bytes
content-length
5140
x9_uDN0C
pbs.twimg.com/card_img/915581566834954242/ Frame 5174
55 KB
56 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/915581566834954242/x9_uDN0C?format=jpg&name=600x314
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41CE) /
Resource Hash
c21a7134e438b832152e2b659e484dd1d244935da6758674cd029e5b4a5b2248
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/card_img/915581566834954242/x9_uDN0C?format=jpg&name=600x314
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
169
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
card_img card_img/bucket/5 card_img/915581566834954242
last-modified
Wed, 04 Oct 2017 14:15:10 GMT
server
ECS (fcn/41CE)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ca60eb30de0136c4a7e976a4f08a3015
accept-ranges
bytes
content-length
56802
timeline.0ae8d8e1525a9988c1780bb256789e6e.light.ltr.css
platform.twitter.com/css/ Frame 5174
57 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.0ae8d8e1525a9988c1780bb256789e6e.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
41771164ef553a1e5a147886f283baa1b025f330d3f2b79c10fa28c1d5019cc3

Request headers

:path
/css/timeline.0ae8d8e1525a9988c1780bb256789e6e.light.ltr.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
platform.twitter.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
content-encoding
gzip
age
512102
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
12708
x-served-by
cache-tw-fra1-cr1-12-TWFRA1
last-modified
Fri, 29 Sep 2017 21:47:19 GMT
x-timer
S1507470392.516052,VS0,VE0
etag
"ebda55f85bbfe532097cb7f0b8079982+gzip"
vary
Accept-Encoding,Host
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
timeline.0ae8d8e1525a9988c1780bb256789e6e.light.ltr.css
platform.twitter.com/css/
32 KB
0
Image
General
Full URL
https://platform.twitter.com/css/timeline.0ae8d8e1525a9988c1780bb256789e6e.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/css/timeline.0ae8d8e1525a9988c1780bb256789e6e.light.ltr.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
platform.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
content-encoding
gzip
age
512102
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
12708
x-served-by
cache-tw-fra1-cr1-12-TWFRA1
last-modified
Fri, 29 Sep 2017 21:47:19 GMT
x-timer
S1507470392.548459,VS0,VE0
etag
"ebda55f85bbfe532097cb7f0b8079982+gzip"
vary
Accept-Encoding,Host
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
F9IV31fb_normal.jpg
pbs.twimg.com/profile_images/742746526716440576/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/742746526716440576/F9IV31fb_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41C8) /
Resource Hash
2dda4973d1a04ada0f2b437c0f53cbdd8531ce4881425cce963c5a93ad8bc5eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/742746526716440576/F9IV31fb_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
6KT7siN2+z6rJ4RuF/IE/w==
x-cache
HIT
status
200
content-length
1959
x-response-time
142
surrogate-key
profile_images profile_images/bucket/3 profile_images/742746526716440576
last-modified
Tue, 14 Jun 2016 15:50:26 GMT
server
ECS (fcn/41C8)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
6be29161920c27398411b4a7be59593e
accept-ranges
bytes
pJF_QRsx_normal.jpg
pbs.twimg.com/profile_images/908070645703036928/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/908070645703036928/pJF_QRsx_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D4) /
Resource Hash
4f05a9335fed73c4fad4e70ec95d29e7a9de2d44413f44ffcf90eacb1996f240
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/908070645703036928/pJF_QRsx_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
116
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/3 profile_images/908070645703036928
last-modified
Wed, 13 Sep 2017 20:49:27 GMT
server
ECS (fcn/40D4)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
50b590b822c6d4b70ecedb76180b3820
accept-ranges
bytes
content-length
2111
nrjQE4M4_normal.jpg
pbs.twimg.com/profile_images/789130818128080896/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/789130818128080896/nrjQE4M4_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash
115822430b8e10bda0d16c3a957aac330a024461487ec8fcee0498ed58a92831
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/789130818128080896/nrjQE4M4_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
Bj1B7GcR/fAvv+NHSM8w0w==
x-cache
HIT
status
200
content-length
2035
x-response-time
117
surrogate-key
profile_images profile_images/bucket/3 profile_images/789130818128080896
last-modified
Thu, 20 Oct 2016 15:45:03 GMT
server
ECS (fcn/4195)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
0b83e00706111ab5451c4a3af869439a
accept-ranges
bytes
H5eRszcn_normal.jpg
pbs.twimg.com/profile_images/912846116684685312/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/912846116684685312/H5eRszcn_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41D9) /
Resource Hash
ecd2f7ba07e3aa62d1576238d50bf731c62cd6858cf5f42d5182d846727c9745
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/912846116684685312/H5eRszcn_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
108
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/5 profile_images/912846116684685312
last-modified
Wed, 27 Sep 2017 01:05:28 GMT
server
ECS (fcn/41D9)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
491e003342ce4a05a8e7d581825a8ef6
accept-ranges
bytes
content-length
2111
KcfbLNDe_normal.jpg
pbs.twimg.com/profile_images/912323218312019968/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/912323218312019968/KcfbLNDe_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40FB) /
Resource Hash
3edb092260e12bc468aaa44bdcd02221472c1372ad0270f04d4ee0e076f36b33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/912323218312019968/KcfbLNDe_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
118
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/4 profile_images/912323218312019968
last-modified
Mon, 25 Sep 2017 14:27:40 GMT
server
ECS (fcn/40FB)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7059ed3ebfcd1cc10565c74c0f7e5f56
accept-ranges
bytes
content-length
2111
wwooLWft_normal.jpg
pbs.twimg.com/profile_images/909126133794443264/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/909126133794443264/wwooLWft_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41E6) /
Resource Hash
2639c95f5baf75aaa085b8cebeaac7e5d913f25d8db1e985fb34113bb5af940a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/909126133794443264/wwooLWft_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

x-response-time
129
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/3 profile_images/909126133794443264
last-modified
Sat, 16 Sep 2017 18:43:35 GMT
server
ECS (fcn/41E6)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
2c17297ba87cffdb59a8060d74642f95
accept-ranges
bytes
content-length
2187
CCT45H1E_normal.jpg
pbs.twimg.com/profile_images/891857982551707648/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/891857982551707648/CCT45H1E_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41EC) /
Resource Hash
b0a5cbea5cc7d84378f0455528fa8c7e9bcbe6abfe1f9ebf51841776e87740a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/891857982551707648/CCT45H1E_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
DoSw31Q5x/eX5yRsP5efrA==
x-cache
HIT
status
200
content-length
2111
x-response-time
126
surrogate-key
profile_images profile_images/bucket/2 profile_images/891857982551707648
last-modified
Mon, 31 Jul 2017 03:06:07 GMT
server
ECS (fcn/41EC)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
96a91eab2805993712e0ca490035739c
accept-ranges
bytes
4w5oB7JV_normal.jpg
pbs.twimg.com/profile_images/737278620377436161/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/737278620377436161/4w5oB7JV_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41CF) /
Resource Hash
84750f5c3572a6eb49b91c8f245ea25c07a92f4ba34a3afaf3c81f35c2b167a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/737278620377436161/4w5oB7JV_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
+ezf4AwABHXJZEeplhtRUw==
x-cache
HIT
status
200
content-length
2111
x-response-time
122
surrogate-key
profile_images profile_images/bucket/2 profile_images/737278620377436161
last-modified
Mon, 30 May 2016 13:42:55 GMT
server
ECS (fcn/41CF)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
67bab3581bb1ac6ac040f146a9e3f15b
accept-ranges
bytes
OgNF6I4-_normal.jpg
pbs.twimg.com/profile_images/863403109183365120/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/863403109183365120/OgNF6I4-_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41CF) /
Resource Hash
408829a071496ff4cded2021a577b2395bb65e90797fc0a23537ababf05ea3a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/863403109183365120/OgNF6I4-_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
slaN2R8/bWEpqydueOy5QQ==
x-cache
HIT
status
200
content-length
2035
x-response-time
133
surrogate-key
profile_images profile_images/bucket/7 profile_images/863403109183365120
last-modified
Sat, 13 May 2017 14:36:37 GMT
server
ECS (fcn/41CF)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
2a2e5a133dd129432bc410dedf35b4b7
accept-ranges
bytes
rYdMHqMQ_normal.jpg
pbs.twimg.com/profile_images/913770184665595904/ Frame 5174
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/913770184665595904/rYdMHqMQ_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41D8) /
Resource Hash
9aa19f87b87a842d957e5f2dd3294b4d5dc3194990f5e0b3eb8d5e5944941287
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/913770184665595904/rYdMHqMQ_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-response-time
107
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/5 profile_images/913770184665595904
last-modified
Fri, 29 Sep 2017 14:17:23 GMT
server
ECS (fcn/41D8)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
eadbba1b592e4f34245175183668af95
accept-ranges
bytes
content-length
2263
tavis_ormandy_normal.jpg
pbs.twimg.com/profile_images/497251061/ Frame 5174
7 KB
7 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/497251061/tavis_ormandy_normal.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4190) /
Resource Hash
6f34ceda8ed39a1497430e9774c912a240f1043de1d8a448daa7eb637d24e380
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/profile_images/497251061/tavis_ormandy_normal.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
5fhPXn+SJ4MkgCSWAHT74g==
x-cache
HIT
status
200
content-length
7190
x-response-time
118
surrogate-key
profile_images profile_images/bucket/1 profile_images/497251061
last-modified
Thu, 04 Nov 2010 01:42:54 GMT
server
ECS (fcn/4190)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
f2abed87f17d79de4e71f44df65310e6
accept-ranges
bytes
DLdVG2eVAAIZyDB.jpg:small
pbs.twimg.com/media/ Frame 5174
53 KB
53 KB
Image
General
Full URL
https://pbs.twimg.com/media/DLdVG2eVAAIZyDB.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418D) /
Resource Hash
411617b523c1fc35f3890a8ab5054e065c47867a367b566b6cfb5004634eafe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/DLdVG2eVAAIZyDB.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-response-time
117
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/6 media/916294625383481346
last-modified
Fri, 06 Oct 2017 13:28:37 GMT
server
ECS (fcn/418D)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7bbc8cb090a8156e6eba0c50880394fa
accept-ranges
bytes
content-length
54724
DD2VgPnXYAAujkK.jpg:small
pbs.twimg.com/media/ Frame 5174
56 KB
56 KB
Image
General
Full URL
https://pbs.twimg.com/media/DD2VgPnXYAAujkK.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40F9) /
Resource Hash
b12e03e513824a9848dbf804abb7974c8532a068e68fa11be5a7ed412dd0f8a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/DD2VgPnXYAAujkK.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
Muxfp8BNSVcZV8v0eZPNXQ==
x-cache
HIT
status
200
content-length
57139
x-response-time
109
surrogate-key
media media/bucket/4 media/882025483214479360
last-modified
Mon, 03 Jul 2017 23:55:17 GMT
server
ECS (fcn/40F9)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
65b37e79de5b23cca5627683dd35890b
accept-ranges
bytes
DDW_5qyUIAAwFqJ.jpg:small
pbs.twimg.com/media/ Frame 5174
49 KB
49 KB
Image
General
Full URL
https://pbs.twimg.com/media/DDW_5qyUIAAwFqJ.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41BD) /
Resource Hash
4942259a098ca90cd92c86edb2cddb94683c875d125e684fbeb76820723633d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/DDW_5qyUIAAwFqJ.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
LDpKR/dMFgTlOx9fxFAVag==
x-cache
HIT
status
200
content-length
50377
x-response-time
111
surrogate-key
media media/bucket/8 media/879820299679571968
last-modified
Tue, 27 Jun 2017 21:52:40 GMT
server
ECS (fcn/41BD)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
be07ef2de531d3cf3246b8bc97f34fa3
accept-ranges
bytes
DDWnlIeXsAAoaCj.jpg:small
pbs.twimg.com/media/ Frame 5174
47 KB
47 KB
Image
General
Full URL
https://pbs.twimg.com/media/DDWnlIeXsAAoaCj.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41C4) /
Resource Hash
a0d3cdc8512139037b4230a27b361baa5e0dcfa5e069e2ae7a64a641eb9ff30d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/DDWnlIeXsAAoaCj.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
MAghEEL/A1db13t2V6uSiA==
x-cache
HIT
status
200
content-length
48588
x-response-time
108
surrogate-key
media media/bucket/2 media/879793558592663552
last-modified
Tue, 27 Jun 2017 20:06:24 GMT
server
ECS (fcn/41C4)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b737e32ed7811a3465bc924f23dfd16d
accept-ranges
bytes
C-i9cfxVwAAI1vk.jpg:small
pbs.twimg.com/media/ Frame 5174
48 KB
48 KB
Image
General
Full URL
https://pbs.twimg.com/media/C-i9cfxVwAAI1vk.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AB) /
Resource Hash
221695a23da38f0a5aca182ef696df2dc22945c890cc69ca7598328deec75537
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/C-i9cfxVwAAI1vk.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
content-md5
T1c0kDysLpg0xdu1v7yznw==
x-cache
HIT
status
200
content-length
49611
x-response-time
108
surrogate-key
media media/bucket/9 media/858144026276511744
last-modified
Sat, 29 Apr 2017 02:18:54 GMT
server
ECS (fcn/41AB)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
f275596bd498f1318968862299222ba8
accept-ranges
bytes
DKmFTTiX0AEfhty.jpg:small
pbs.twimg.com/media/ Frame 5174
10 KB
10 KB
Image
General
Full URL
https://pbs.twimg.com/media/DKmFTTiX0AEfhty.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418D) /
Resource Hash
fbc63ebebb4af3d1f370c26d8e25eeceeed8ef0aa106ff28369d99c9ac26af3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/DKmFTTiX0AEfhty.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-response-time
115
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/0 media/912406966227685377
last-modified
Mon, 25 Sep 2017 20:00:27 GMT
server
ECS (fcn/418D)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5a75418ca1bc3b7332e8d37e146f30ad
accept-ranges
bytes
content-length
10089
DKmFTTmXkAAUxv8.jpg:small
pbs.twimg.com/media/ Frame 5174
12 KB
12 KB
Image
General
Full URL
https://pbs.twimg.com/media/DKmFTTmXkAAUxv8.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash
49692a53ac71e496186981d63b7442f2b9840b20c8a40ca32a1a8bbfb5e68d57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/DKmFTTmXkAAUxv8.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-response-time
152
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/5 media/912406966244446208
last-modified
Mon, 25 Sep 2017 20:00:27 GMT
server
ECS (fcn/4185)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
524be907b69eb3de693d7cf64a553926
accept-ranges
bytes
content-length
11913
DKmFTTjXcAEDE8p.jpg:small
pbs.twimg.com/media/ Frame 5174
20 KB
20 KB
Image
General
Full URL
https://pbs.twimg.com/media/DKmFTTjXcAEDE8p.jpg:small
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A1) /
Resource Hash
c78b4aedf4f3c6379a07d9d884f94f67363a2ff211b6bacd04b40a842f83406f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/media/DKmFTTjXcAEDE8p.jpg:small
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pbs.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

x-response-time
110
date
Sun, 08 Oct 2017 13:46:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/7 media/912406966231855105
last-modified
Mon, 25 Sep 2017 20:00:27 GMT
server
ECS (fcn/41A1)
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
086f764d4f72de90ad28ab3079c48a25
accept-ranges
bytes
content-length
20824
syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
ton.twimg.com/tfw/css/ Frame 5174
44 KB
7 KB
Stylesheet
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.46.231 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
4702bd1e2ecb726f066d8540d580f06918a85683a2270bbd6c97b610572656dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/tfw/css/syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
ton.twimg.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
udL0iEPg+TkBnMRv5og4FQ==
age
415200
x-ton-expected-size
44914
x-cache
HIT
status
200
content-length
6785
x-served-by
cache-tw-fra1-cr1-7-TWFRA1
x-response-time
117
access-control-allow-origin
https://twitter.com
last-modified
Thu, 21 Sep 2017 16:42:54 GMT
etag
"udL0iEPg+TkBnMRv5og4FQ=="
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=31536000
x-connection-hash
e1b304e1e7b117a385368d68bddb2c3b
accept-ranges
bytes
expires
Tue, 03 Oct 2017 18:26:31 GMT
syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
ton.twimg.com/tfw/css/
14 KB
0
Image
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.46.231 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/tfw/css/syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ton.twimg.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
udL0iEPg+TkBnMRv5og4FQ==
age
415200
x-ton-expected-size
44914
x-cache
HIT
status
200
content-length
6785
x-served-by
cache-tw-fra1-cr1-7-TWFRA1
x-response-time
117
access-control-allow-origin
https://twitter.com
last-modified
Thu, 21 Sep 2017 16:42:54 GMT
etag
"udL0iEPg+TkBnMRv5og4FQ=="
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=31536000
x-connection-hash
e1b304e1e7b117a385368d68bddb2c3b
accept-ranges
bytes
expires
Tue, 03 Oct 2017 18:26:31 GMT
truncated
/ Frame 5174
707 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5174
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5174
559 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd7887cf9a61431f64864df1e5fe9823e163638bf811dc97ee556268886bf865

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5174
618 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b051420a41347f3e04fbe6745d5fa58c3dfd40a7209b8dc09a138bc6381bd8dc

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5174
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5174
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml;charset=utf-8
meta_web.php
delivery.g.switchadhub.com/adserver/ Frame 5174
0
0

meta_web.php
delivery.g.switchadhub.com/adserver/ Frame 5174
0
0

news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame 5174
829 B
404 B
Image
General
Full URL
https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.46.231 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ton.twimg.com
referer
https://ton.twimg.com/tfw/css/syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
:scheme
https
:method
GET
Referer
https://ton.twimg.com/tfw/css/syndication_bundle_v1_82bf0e17151661577a10f7dd1e3e30dea8e59ed9.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CTUg6L9PuY+d9h5xpE0zmw==
age
320420
x-ton-expected-size
829
x-cache
HIT
status
200
content-length
395
x-served-by
cache-tw-fra1-cr1-7-TWFRA1
x-response-time
7
access-control-allow-origin
https://twitter.com
last-modified
Wed, 21 Jun 2017 18:40:00 GMT
etag
"CTUg6L9PuY+d9h5xpE0zmw=="
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
cache-control
max-age=31536000
x-connection-hash
2192fb80d5131aa6a04cff0462ee87a7
accept-ranges
bytes
expires
Wed, 28 Jun 2017 20:46:13 GMT
sat.js
delivery.g.switchadhub.com/adserver/ Frame 5174
68 KB
35 KB
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/sat.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.147 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-147.swtch.io
Software
nginx/1.10.1 /
Resource Hash
3c3f4e09b96ac4d467ded5bd94a4c4b5e360b582a6ffb27c34a83a572115d05b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
SERVERID=delivery-009.g.switchadhub.com; SWID=59da2c37b91a81.6446720715795046541507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
Connection
close
Content-Type
text/javascript;charset=UTF-8
Transfer-Encoding
chunked
Expires
Mon, 09 Oct 2017 13:46:31 GMT
Cookie set sombrero.php
delivery.g.switchadhub.com/adserver/ Frame 5174
1 KB
635 B
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/sombrero.php?instance_id=0&zone_id=984&token=T_14dhbpd2dsvbhr3ego2p3aa7puo&slb=1&load_id=3vm554a3h7736bkte8k21g5fpu8&bw=1600&bh=1200&tzo=0&charset=UTF-8&hc=1&fv=-&tm=1507470391807&jsv=5.5.1-548&chain_id=2b01bm2g3ec7414llddd1roalcg&cb=119329067.62278938&depth=1&fr=1&pw=300&ph=250&loc=https%3A%2F%2Fshellgam3.com%2F&referer=&atop=1&sw=1600&sh=1200&fw=300&fh=250&gth=https%3A%2F%2Fshellgam3.com&cfh=shellgam3.com
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.147 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-147.swtch.io
Software
nginx/1.10.1 /
Resource Hash
0c28f20f4fffd22c100b2807b45da6585b1049a4b5c7d2e2351f60fea1233845

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
SERVERID=delivery-009.g.switchadhub.com; SWID=59da2c37b91a81.6446720715795046541507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
Set-Cookie
SWID=59da2c37b91a81.6446720715795046541507470391; expires=Mon, 08-Oct-2018 13:46:31 GMT; Max-Age=31536000; path=/ OAID=19aec73f442ef003a7b2fa5088e0c9ce; expires=Mon, 08-Oct-2018 13:46:31 GMT; Max-Age=31536000; path=/
Transfer-Encoding
chunked
Connection
close
Content-Type
text/html; charset=UTF-8
sat.js
delivery.g.switchadhub.com/adserver/ Frame 5174
68 KB
35 KB
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/sat.js
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.171 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-171.swtch.io
Software
nginx/1.10.1 /
Resource Hash
3c3f4e09b96ac4d467ded5bd94a4c4b5e360b582a6ffb27c34a83a572115d05b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
SERVERID=delivery-009.g.switchadhub.com; SWID=59da2c37b91a81.6446720715795046541507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
Connection
close
Content-Type
text/javascript;charset=UTF-8
Transfer-Encoding
chunked
Expires
Mon, 09 Oct 2017 13:46:31 GMT
Cookie set sombrero.php
delivery.g.switchadhub.com/adserver/ Frame 5174
1 KB
745 B
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/sombrero.php?instance_id=0&zone_id=984&token=T_3hvnmp3s9i44o2brsnecut1ca1&slb=1&load_id=r19uua18380bf2258vtf3iam7i3&bw=1600&bh=1200&tzo=0&charset=UTF-8&hc=1&fv=-&tm=1507470391835&jsv=5.5.1-548&chain_id=3cvqth52p5ls9i1n7r2k3r78ltd&cb=116617834.12118275&depth=1&fr=1&pw=300&ph=250&loc=https%3A%2F%2Fshellgam3.com%2F&referer=&atop=1&sw=1600&sh=1200&fw=300&fh=250&gth=https%3A%2F%2Fshellgam3.com&cfh=shellgam3.com
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.171 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-171.swtch.io
Software
nginx/1.10.1 /
Resource Hash
516a70648adac1ef6e49969143acc8bce77f2b09dee748514e0f5be99952f06e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
SERVERID=delivery-009.g.switchadhub.com; SWID=59da2c37b91a81.6446720715795046541507470391
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:31 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
Set-Cookie
SWID=59da2c37b91a81.6446720715795046541507470391; expires=Mon, 08-Oct-2018 13:46:31 GMT; Max-Age=31536000; path=/ OAID=4202ce8e3c490d0a4b6d6a747bc8ef32; expires=Mon, 08-Oct-2018 13:46:31 GMT; Max-Age=31536000; path=/
Transfer-Encoding
chunked
Connection
close
Content-Type
text/html; charset=UTF-8
jot.html
platform.twitter.com/ Frame 5174
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0

Cookie set lg.php
delivery.g.switchadhub.com/adserver/ Frame 5174
0
0
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/lg.php?bannerid=6886&campaignid=881&zoneid=984&token=T_14dhbpd2dsvbhr3ego2p3aa7puo&cb=26c30dd94a&chid=2b01bm2g3ec7414llddd1roalcg&load_id=3vm554a3h7736bkte8k21g5fpu8
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.126 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-126.swtch.io
Software
nginx/1.10.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
SERVERID=delivery-009.g.switchadhub.com; SWID=59da2c37b91a81.6446720715795046541507470391; OAID=19aec73f442ef003a7b2fa5088e0c9ce
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:32 GMT
Server
nginx/1.10.1
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
OAID=19aec73f442ef003a7b2fa5088e0c9ce; expires=Mon, 08-Oct-2018 13:46:32 GMT; Max-Age=31536000; path=/
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
Cookie set wp300.jpg
images.g.switchadhub.com/adserver/www/images/ Frame 5174
19 KB
19 KB
Image
General
Full URL
https://images.g.switchadhub.com/adserver/www/images/wp300.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.147 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-147.swtch.io
Software
nginx/1.10.0 /
Resource Hash
a0ca5bc25c51ea914c656b6a3bbb0df4a3da54ba4457924d847e6cc730886193

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
images.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:32 GMT
Last-Modified
Fri, 08 Sep 2017 10:23:31 GMT
Server
nginx/1.10.0
ETag
"59b26fa3-4d67"
Connection
close
Content-Type
image/jpeg
Cache-control
private
Set-Cookie
SERVERID=admin-1.g.switchadhub.com; path=/
Accept-Ranges
bytes
Content-Length
19815
user_sync.php
delivery.swid.switchadhub.com/adserver/ Frame 5174
0
0

jot
syndication.twitter.com/i/
43 B
74 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_id%22%3A%22711269536427876352%22%2C%22widget_data_source%22%3A%22711269536427876352%22%2C%22message%22%3A%22jetpack%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1507470391991%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22d0987a1%3A1506634298927%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_id%22%3A%22711269536427876352%22%2C%22widget_data_source%22%3A%22711269536427876352%22%2C%22message%22%3A%22jetpack%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1507470391991%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22d0987a1%3A1506634298927%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
syndication.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
1; mode=block
x-response-time
105
pragma
no-cache
last-modified
Sun, 08 Oct 2017 13:46:32 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
964e55edca15fdae7d1048e49ac81e7d
x-transaction
0001811400cee4f7
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/
43 B
74 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_id%22%3A%22711269536427876352%22%2C%22widget_data_source%22%3A%22711269536427876352%22%2C%22message%22%3A%22jetpack%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22widget_in_viewport%22%3Atrue%2C%22item_ids%22%3A%5B%22916295029412462592%22%2C%22912406976528863232%22%2C%22912213035124740096%22%2C%22901135234070069248%22%2C%22892003385888485376%22%2C%22892000219566669824%22%2C%22882985570401701888%22%2C%22881712481923723271%22%2C%22882345786033545217%22%2C%22882025887071440897%22%2C%22879738542276186114%22%2C%22879820306331860994%22%2C%22879793827267174400%22%2C%22870661797740765184%22%2C%22863499395102363648%22%2C%22863363969909698561%22%2C%22860679110728622080%22%2C%22858144593979854851%22%2C%22857166210684858370%22%2C%22856957171321458689%22%5D%2C%22item_details%22%3A%7B%22916295029412462592%22%3A%7B%22item_type%22%3A0%7D%2C%22912406976528863232%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22912456135034200064%22%7D%2C%22912213035124740096%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22912455397058990082%22%7D%2C%22901135234070069248%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22901154895608283140%22%7D%2C%22892003385888485376%22%3A%7B%22item_type%22%3A0%7D%2C%22892000219566669824%22%3A%7B%22item_type%22%3A0%7D%2C%22882985570401701888%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22883185964285214721%22%7D%2C%22881712481923723271%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22882566748909817856%22%7D%2C%22882345786033545217%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22882563541148065793%22%7D%2C%22882025887071440897%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22882562786559221760%22%7D%2C%22879738542276186114%22%3A%
7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22879820508707082242%22%7D%2C%22879820306331860994%22%3A%7B%22item_type%22%3A0%7D%2C%22879793827267174400%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22879820273251487745%22%7D%2C%22870661797740765184%22%3A%7B%22item_type%22%3A0%7D%2C%22863499395102363648%22%3A%7B%22item_type%22%3A0%7D%2C%22863363969909698561%22%3A%7B%22item_type%22%3A0%7D%2C%22860679110728622080%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22860860997422243840%22%7D%2C%22858144593979854851%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22859368823740301312%22%7D%2C%22857166210684858370%22%3A%7B%22item_type%22%3A0%7D%2C%22856957171321458689%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1507470391992%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22d0987a1%3A1506634298927%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fshellgam3.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_id%22%3A%22711269536427876352%22%2C%22widget_data_source%22%3A%22711269536427876352%22%2C%22message%22%3A%22jetpack%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22widget_in_viewport%22%3Atrue%2C%22item_ids%22%3A%5B%22916295029412462592%22%2C%22912406976528863232%22%2C%22912213035124740096%22%2C%22901135234070069248%22%2C%22892003385888485376%22%2C%22892000219566669824%22%2C%22882985570401701888%22%2C%22881712481923723271%22%2C%22882345786033545217%22%2C%22882025887071440897%22%2C%22879738542276186114%22%2C%22879820306331860994%22%2C%22879793827267174400%22%2C%22870661797740765184%22%2C%22863499395102363648%22%2C%22863363969909698561%22%2C%22860679110728622080%22%2C%22858144593979854851%22%2C%22857166210684858370%22%2C%22856957171321458689%22%5D%2C%22item_details%22%3A%7B%22916295029412462592%22%3A%7B%22item_type%22%3A0%7D%2C%22912406976528863232%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22912456135034200064%22%7D%2C%22912213035124740096%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22912455397058990082%22%7D%2C%22901135234070069248%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22901154895608283140%22%7D%2C%22892003385888485376%22%3A%7B%22item_type%22%3A0%7D%2C%22892000219566669824%22%3A%7B%22item_type%22%3A0%7D%2C%22882985570401701888%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22883185964285214721%22%7D%2C%22881712481923723271%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22882566748909817856%22%7D%2C%22882345786033545217%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22882563541148065793%22%7D%2C%22882025887071440897%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22882562786559221760%22%7D%2C%22879738542276186114%22%3A%7B%22item_type%22%3A10%2C%22tar
get_type%22%3A0%2C%22target_id%22%3A%22879820508707082242%22%7D%2C%22879820306331860994%22%3A%7B%22item_type%22%3A0%7D%2C%22879793827267174400%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22879820273251487745%22%7D%2C%22870661797740765184%22%3A%7B%22item_type%22%3A0%7D%2C%22863499395102363648%22%3A%7B%22item_type%22%3A0%7D%2C%22863363969909698561%22%3A%7B%22item_type%22%3A0%7D%2C%22860679110728622080%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22860860997422243840%22%7D%2C%22858144593979854851%22%3A%7B%22item_type%22%3A10%2C%22target_type%22%3A0%2C%22target_id%22%3A%22859368823740301312%22%7D%2C%22857166210684858370%22%3A%7B%22item_type%22%3A0%7D%2C%22856957171321458689%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1507470391992%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22d0987a1%3A1506634298927%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
syndication.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 08 Oct 2017 13:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
1; mode=block
x-response-time
106
pragma
no-cache
last-modified
Sun, 08 Oct 2017 13:46:32 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
964e55edca15fdae7d1048e49ac81e7d
x-transaction
0006b91800846acf
expires
Tue, 31 Mar 1981 05:00:00 GMT
Cookie set wp300.jpg
images.g.switchadhub.com/adserver/www/images/ Frame 5174
19 KB
19 KB
Image
General
Full URL
https://images.g.switchadhub.com/adserver/www/images/wp300.jpg
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.148 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-148.swtch.io
Software
nginx/1.10.0 /
Resource Hash
a0ca5bc25c51ea914c656b6a3bbb0df4a3da54ba4457924d847e6cc730886193

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
images.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://shellgam3.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:32 GMT
Last-Modified
Fri, 08 Sep 2017 10:23:31 GMT
Server
nginx/1.10.0
ETag
"59b26fa3-4d67"
Connection
close
Content-Type
image/jpeg
Cache-control
private
Set-Cookie
SERVERID=admin-1.g.switchadhub.com; path=/
Accept-Ranges
bytes
Content-Length
19815
Cookie set lg.php
delivery.g.switchadhub.com/adserver/ Frame 5174
0
0
Script
General
Full URL
https://delivery.g.switchadhub.com/adserver/lg.php?bannerid=6886&campaignid=881&zoneid=984&token=T_3hvnmp3s9i44o2brsnecut1ca1&cb=4e606480d0&chid=3cvqth52p5ls9i1n7r2k3r78ltd&load_id=r19uua18380bf2258vtf3iam7i3
Requested by
Host: shellgam3.com
URL: https://shellgam3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.154.251.156 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
host95-154-251-156.swtch.io
Software
nginx/1.10.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.g.switchadhub.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://shellgam3.com/
Cookie
SERVERID=delivery-009.g.switchadhub.com; SWID=59da2c37b91a81.6446720715795046541507470391; OAID=4202ce8e3c490d0a4b6d6a747bc8ef32
Connection
keep-alive
Cache-Control
no-cache
Referer
https://shellgam3.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 08 Oct 2017 13:46:32 GMT
Server
nginx/1.10.1
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
OAID=4202ce8e3c490d0a4b6d6a747bc8ef32; expires=Mon, 08-Oct-2018 13:46:32 GMT; Max-Age=31536000; path=/
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
user_sync.php
delivery.swid.switchadhub.com/adserver/ Frame 5174
0
0

settings
syndication.twitter.com/
57 B
91 B
Fetch
General
Full URL
https://syndication.twitter.com/settings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
d442331ca710bdda5dfc13b7f65f78d601d0f9576d83a9eb1e628dcbbbbb2ef6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

:path
/settings
pragma
no-cache
origin
https://shellgam3.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
syndication.twitter.com
referer
https://shellgam3.com/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
https://shellgam3.com/
Origin
https://shellgam3.com

Response headers

x-response-time
104
date
Sun, 08 Oct 2017 13:46:32 GMT
content-encoding
gzip
last-modified
Sun, 08 Oct 2017 13:46:32 GMT
server
tsa_o
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shellgam3.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
964e55edca15fdae7d1048e49ac81e7d
strict-transport-security
max-age=631138519
content-length
82

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
platform.twitter.com
URL
https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fshellgam3.com
Domain
platform.twitter.com
URL
https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fshellgam3.com
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
cat.nl.eu.criteo.com
URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=QZJk83x2WTlxbnVzSGpJMFhiSXd0L2RnbXFodldld1VHSXFCU3FpQnk5YnpYRmFlYStZTThDaTBKSjV2WTZkcFBSRDFLK2pHT2k1bmFoa2RjY3VjbDMvWExpdzVKQSthNFZtZ0U0OWQrWGF5YWVYL0xRQVpUZWVVOXRhdjVKVnh2bFFwMmNEbTBPVWd0Tmp2T0Z3RVJlSGNNNVN4UFY2QWpVK3lTajVOWEFtZlN5N0o0d09tMVE0NnlJVVRlQnVnNmN5dEhWVUpuYlJkYTlPeHRLSEpsSHlKUlMwYzQ1NDIrYk03MTFRYmF4aTMzdUhuQko1TVA5dmtrZDlVL3c3RnRTWE5kfA%3D%3D
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
cat.nl.eu.criteo.com
URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=1&cpp=po0bVnx2WTlxbnVzSGpJMFhiSXd0L2RnbXFodldld1VHSXFCU3FpQnk5YnpYRmFkbnFwNmorV0dEaHM2ZXltSlorUFljcUlkMks2RTBFWFZ1UXR4NjBtLzkycnlySE04NkwrcG9YYmxKVXozQUhPRC9QMzROUDdmQjRmSHZZYzlIenFxZEc0NnU1NmZNTTdEd3lxVWpSanFRS2kvQTlab2VBdlRCVWVrT1hKZnZIR1lmT3BDeE5PZHpmR1dWdkxRMFFVMzkxNXBybWlLVEtDRDJXYmVRZXN6YTVTMFg3L1UvM24veEoxcHMvNFk2R1N3bFhtdzJKVmJCWFNNdEptaHYzU1FpfA%3D%3D
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=wordpress
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
s.pubmine.com
URL
https://s.pubmine.com/passback.html
Domain
delivery.g.switchadhub.com
URL
https://delivery.g.switchadhub.com/adserver/meta_web.php?zone_id=984&instance_id=0
Domain
delivery.g.switchadhub.com
URL
https://delivery.g.switchadhub.com/adserver/meta_web.php?zone_id=984&instance_id=0
Domain
platform.twitter.com
URL
https://platform.twitter.com/jot.html
Domain
delivery.swid.switchadhub.com
URL
https://delivery.swid.switchadhub.com/adserver/user_sync.php?do[sync]=1
Domain
delivery.swid.switchadhub.com
URL
https://delivery.swid.switchadhub.com/adserver/user_sync.php?do[sync]=1

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
delivery.g.switchadhub.com/ Name: SERVERID
Value: delivery-009.g.switchadhub.com
delivery.g.switchadhub.com/ Name: SWID
Value: 59da2c37b91a81.6446720715795046541507470391
shellgam3.com/ Name: __utmz
Value: 1.1507470391.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
shellgam3.com/ Name: __utmc
Value: 1
shellgam3.com/ Name: __utmb
Value: 1.1.10.1507470391
shellgam3.com/ Name: __utma
Value: 1.940037597.1507470391.1507470391.1507470391.1
shellgam3.com/ Name: __utmt
Value: 1

1 Console Messages

Source Level URL
Text
console-api log URL: https://s1.wp.com/_static/??-eJyF0G0KwjAMBuAL2dXJxP0Rz1Lr60hdP2zaDT29FSYiVIVAIHkISeQcBDk95hNYmhLXjHhbUmN4JX8BYWmIKqGx5F5Ye5fg0tNaf6QRIjOiGkqtDDr7iguekwVzQZXu50rkJsL8lxmkoPRFRDDdUTuEw3vn7x9Y1MHu267fbfp2263NA675cvs=(Line 9)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
