shell-shockers.co Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shell-shockers.co/
Effective URL:
https://shell-shockers.co/
Submission: On September 14 via api (September 14th 2022, 7:29:26 am UTC) from SG — Scanned from NL

Summary HTTP 311 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 23 domains to perform 311 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is shell-shockers.co. The Cisco Umbrella rank of the primary domain is 926929.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2022. Valid for: a year.

This is the only time shell-shockers.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
15	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
96	2606:4700:20:... 2606:4700:20::681a:894	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	2606:4700:310... 2606:4700:3108::ac42:28be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	13.35.253.90 13.35.253.90	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:810::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.4.6 99.86.4.6	16509 (AMAZON-02) (AMAZON-02)
5 7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
311	34

36 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shell-shockers.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 2606:4700:20::681a:894 (United States)

ASN13335 (CLOUDFLARENET, US)

shellshock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

sdk.crazygames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:28be (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-90.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:810::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	shellshock.io shellshock.io — Cisco Umbrella Rank: 185409	20 MB
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	654 KB
36	shell-shockers.co 1 redirects shell-shockers.co — Cisco Umbrella Rank: 926929	851 KB
27	gstatic.com fonts.gstatic.com www.gstatic.com	458 KB
26	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188	359 KB
10	fbcdn.net static.xx.fbcdn.net	415 KB
10	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 142 region1.analytics.google.com — Cisco Umbrella Rank: 3915 www.google.com — Cisco Umbrella Rank: 19	2 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 imasdk.googleapis.com — Cisco Umbrella Rank: 456	133 KB
7	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 111	36 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	264 KB
5	google.nl adservice.google.nl — Cisco Umbrella Rank: 10122 www.google.nl — Cisco Umbrella Rank: 6102	2 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	283 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 871 script.hotjar.com — Cisco Umbrella Rank: 1152 vars.hotjar.com — Cisco Umbrella Rank: 1247	68 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 362	46 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	215 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972 www.googleadservices.com — Cisco Umbrella Rank: 159	18 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3423 onesignal.com — Cisco Umbrella Rank: 947	73 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	166 KB
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 50021	136 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 493	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1568	5 KB
1	crazygames.com sdk.crazygames.com — Cisco Umbrella Rank: 116271	8 KB
311	23

	Domain	Requested by
96	shellshock.io	shell-shockers.co shellshock.io static.cloudflareinsights.com
36	shell-shockers.co	1 redirects shell-shockers.co
35	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
22	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	shell-shockers.co pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	www.gstatic.com	shellshock.io googleads.g.doubleclick.net
10	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
10	fonts.gstatic.com	fonts.googleapis.com
9	fonts.googleapis.com	shell-shockers.co shellshock.io www.gstatic.com googleads.g.doubleclick.net
7	www.google.com	5 redirects shellshock.io tpc.googlesyndication.com
7	www.facebook.com	2 redirects shellshock.io connect.facebook.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	connect.facebook.net	shell-shockers.co connect.facebook.net shellshock.io
4	www.google-analytics.com	shell-shockers.co www.google-analytics.com
3	www.google.nl	shellshock.io
3	c.amazon-adsystem.com	api.adinplay.com c.amazon-adsystem.com
3	www.googletagmanager.com	shellshock.io shell-shockers.co www.googletagmanager.com
3	cdnjs.cloudflare.com	shellshock.io cdnjs.cloudflare.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	securepubads.g.doubleclick.net	api.adinplay.com securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	cdn.onesignal.com	shellshock.io cdn.onesignal.com
2	api.adinplay.com	shellshock.io api.adinplay.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	onesignal.com	cdn.onesignal.com
1	imasdk.googleapis.com	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	shellshock.io
1	sdk.crazygames.com	shellshock.io
311	35

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-11` - `2023-07-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-23` - `2022-09-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
store.cohortcs.com GTS CA 1D4	`2022-09-01` - `2022-11-30`	3 months	crt.sh
adinplay.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-21`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://shell-shockers.co/
Frame ID: 204DF1F3DBBB09F28CD50DFF71F8F595
Requests: 52 HTTP requests in this frame

Frame: https://shell-shockers.co/shell-shockers.embed
Frame ID: F76ADD4915B96841D6D76F8453AE982D
Requests: 1 HTTP requests in this frame

Frame: https://shellshock.io/
Frame ID: BA6DE2D7368FFE076EDAFAEA2325B189
Requests: 144 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Frame ID: FB93124CACD9C0561BC3D998374CC8F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&adk=1812271804&adf=3025194257&lmt=1663140561&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshell-shockers.co%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560758&bpp=2&bdt=560&idt=242&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5820490533469&frm=20&pv=2&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=258
Frame ID: FA9A7468B594CFD57A71A28118210962
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=3387905186&adf=3610118697&pi=t.ma~as.2589404083&w=1200&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560760&bpp=2&bdt=562&idt=262&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LMs5zLgH5g&p=https%3A//shell-shockers.co&dtd=267
Frame ID: F13A928358FAB8C00F2E5AA7638C2DC7
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=2578728252&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560762&bpp=1&bdt=565&idt=270&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UImC1EFgnH&p=https%3A//shell-shockers.co&dtd=272
Frame ID: C5FD64EBF0A79C9AE6ACDCF14E7E4E57
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278
Frame ID: A3BE327B8AF057AC36C166355B0F5825
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282
Frame ID: 47929944EEC4F5C77C7A87B41FCC9F2B
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html
Frame ID: 2A3C6762C4E80CDA3685547A50CBC256
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C14AE67C3540DD64B8D2CB4D5714D105
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Frame ID: D85D08C8ABCC0964B2C9CB4D036F03C5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Frame ID: FCA5A1F620CEDEBA007AC9038E8CCE97
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E20D09B835F70FA0A1B8B0946C13F314
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Frame ID: 5CA05EB4DEF82A69CCCCADDCDDABDD20
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Frame ID: F1389BA878E3C98B53C950BFD59111E1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 95CE03954316BBBF1D6A7E4FDB6A4C55
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7EF50A83617B0778A5085BF3C5F3CF28
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1CDC4A6635894E8BC05BE6361C0645CE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8C7A6963C45A16702402EFA22C23E77D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Frame ID: 44B19C6C457B86EFAAD436254C89F3CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Frame ID: BF1EA0FA6D7F54B407E875A642575EA9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshell-shockers.co%252Ff39655b42063a68%26relation%3Dparent.parent&color_scheme=light&container_width=990&height=100&href=http%3A%2F%2Fshell-shockers.co%2F&locale=en_US&numposts=5&sdk=joey&version=v3.3&width
Frame ID: 4D5642FC7AAF0493BDC1CB2FC0CF618F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D510AEB9CA66E92331F7271DD5838E04
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EEAB433171BD79A634ED90F2DB078CAC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shell Shockers

Page URL History Show full URLs

http://shell-shockers.co/ HTTP 301
https://shell-shockers.co/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

311
Requests

99 %
HTTPS

76 %
IPv6

23
Domains

35
Subdomains

34
IPs

4
Countries

24889 kB
Transfer

81897 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shell-shockers.co/ HTTP 301
https://shell-shockers.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 242

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 245

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 260

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fshellshock.io%2F&ref=https%3A%2F%2Fshell-shockers.co%2F&tiba=Shell%20Shockers%20%7C%20geometry.monster&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=04IhY7rgL9qF9fgPqr-T-Ac&sscte=1&crd=&eitems=ChAI8PeFmQYQju_No6WFiPRTEh0AYyfw4RG_Hf6gls-9SveBaMhexWV62BCGBWZKSw HTTP 302
https://www.google.com/pagead/1p-conversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fshellshock.io%2F&ref=https%3A%2F%2Fshell-shockers.co%2F&tiba=Shell%20Shockers%20%7C%20geometry.monster&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=04IhY7rgL9qF9fgPqr-T-Ac&cid=CAQSKQCsnQUxQQUQ0PmH2YN8lsqwCjG-tmFmuC7K2XGwlgJYn1WV24FC6YS3&eitems=ChAI8PeFmQYQju_No6WFiPRTEh0AYyfw4YOU3rlHJ9XsbZ-zFjEuKRbAvTa621D5og&random=1194304528&resp=GooglemKTybQhCsO HTTP 302
https://www.google.nl/pagead/1p-conversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fshellshock.io%2F&ref=https%3A%2F%2Fshell-shockers.co%2F&tiba=Shell%20Shockers%20%7C%20geometry.monster&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=04IhY7rgL9qF9fgPqr-T-Ac&cid=CAQSKQCsnQUxQQUQ0PmH2YN8lsqwCjG-tmFmuC7K2XGwlgJYn1WV24FC6YS3&eitems=ChAI8PeFmQYQju_No6WFiPRTEh0AYyfw4YOU3rlHJ9XsbZ-zFjEuKRbAvTa621D5og&random=1194304528&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 265

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 268

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 290

https://www.facebook.com/v3.3/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshell-shockers.co%252Ff39655b42063a68%26relation%3Dparent.parent&color_scheme=light&container_width=990&height=100&href=http%3A%2F%2Fshell-shockers.co%2F&locale=en_US&numposts=5&sdk=joey&version=v3.3&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshell-shockers.co%252Ff39655b42063a68%26relation%3Dparent.parent&color_scheme=light&container_width=990&height=100&href=http%3A%2F%2Fshell-shockers.co%2F&locale=en_US&numposts=5&sdk=joey&version=v3.3&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshell-shockers.co%252Ff39655b42063a68%26relation%3Dparent.parent&color_scheme=light&container_width=990&height=100&href=http%3A%2F%2Fshell-shockers.co%2F&locale=en_US&numposts=5&sdk=joey&version=v3.3&width

311 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shell-shockers.co/
Redirect Chain

http://shell-shockers.co/
https://shell-shockers.co/

176 KB
29 KB

324ms
262ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f287f6b3b241dbe0ab9f7659c05fb425f480efb6e1042836dd364eeacd9faa9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: DYNAMIC
cf-ray: 74a76933b986b734-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:29:20 GMT
expires: Wed, 14 Sep 2022 09:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tsLIfpDKcwOj7wE%2FOeEyhC%2FTvZqTfFQ5g7ROhzgGoKFeI5KqDwTLll3uv1SWcwR1R0VQ0rLngbqgEZYcfvw8b1RsADEnkaysUAUAPrg%2FNKlIi3PVuo5tX79xYJGVRLZujPxQId%2FVx0bs1s81gAywQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/5.6.40

Redirect headers

CF-RAY: 74a769331c660c79-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 14 Sep 2022 07:29:19 GMT
Expires: Wed, 14 Sep 2022 08:29:19 GMT
Location: https://shell-shockers.co/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ew0YAWjCMo1oWEiaIUOtpbYLufxwye0JKPkAmEyWfVywGIGztK19UpOYP4VtJ9JWWXX%2FFSaKFPS9eesywgHRebWJuj338EyaBy36VOqEuFP8VI5Fz%2FOUOUOx3MLbDotVoKuFSrZY1p7vqSqLePjsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 708 B
869 B 198ms
71ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:24:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:20 GMT

GET
H2 200 font-awesome.css
shell-shockers.co/themes/shell%20shockers/rs/css/ 30 KB
7 KB 39ms
38ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/css/font-awesome.css
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 939678
cf-polished: origSize=37414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Nov 2019 11:25:00 GMT
server: cloudflare
etag: W/"5e9d2-9226-597389d811b00"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyBq7ngcntFijUVOh6hLEHgVs2HG8Nr%2FWFqZBYQt6QaEVdFJMdwZZr%2BqVMapt56uY4T9YY4ydyee1RQ5wgEDtDyKX12N3HDvMkLpPQ%2FqATzyQVlFUl8nCghFQ2IKj0t9LMEc6ZVzEfV19aldGbsyyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 10:28:02 GMT
cache-control: public, max-age=2678400
cf-ray: 74a769356c84b734-AMS
cf-bgj: minify

GET
H2 200 common.css
shell-shockers.co/themes/shell%20shockers/rs/css/ 11 KB
3 KB 38ms
37ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/css/common.css
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b8b1b840883ed9af57c209757899f837c7aa8ebee945950d1c116224b130e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 939678
cf-polished: origSize=15532
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 07 Dec 2019 13:30:26 GMT
server: cloudflare
etag: W/"5e9d0-3cac-5991d2a47c080"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuDRsnKmz407LQI1uSmQaJumMePi6%2Fk1KW8gwSIMKdiJo9e4FJcFLnDwWCpBwdx0JUP0L7EkKq0Z6aSWdqjUTFlrk1Su7MUp4v%2By6486fKaQjEw5kBg4BPW9WCpW6bPcFuPTyMweuZqLT5cP5J%2FeqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 10:28:02 GMT
cache-control: public, max-age=2678400
cf-ray: 74a769356c86b734-AMS
cf-bgj: minify

GET
H2 200 main.css
shell-shockers.co/themes/shell%20shockers/rs/css/ 9 KB
3 KB 33ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/css/main.css?v=1.8
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4899139a1d2a5c179f834cd1041a556123aeef87d21c0b9f5448a8bbcc82bc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 435160
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Jun 2021 07:26:28 GMT
server: cloudflare
etag: W/"5e9d4-22c9-5c4644f31f100"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTuPa9arPtX3p7asvF%2Bh%2BMHioQ4GldsQdmLDKsw40jvd1O2YJLro6V4tmEmlmiVJ1ql%2BaNwudu5fK3sPkj%2BSBwtNdokP7i%2BUX%2BEJhUR%2Fu0y4mHZZDRvC6fG6rxO%2FgjRWywE9MczdSjNdq3TFtvNpCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 15 Sep 2022 06:36:40 GMT
cache-control: public, max-age=2678400
cf-ray: 74a769356c89b734-AMS
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 251ms
135ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d78968b9a3ee4c6aa64297d07bb652a808b1e6446b3665e531d1f8221a494791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52039
x-xss-protection: 0
server: cafe
etag: 5622751188834809167
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 07:29:20 GMT

GET
H3 200 lg.png
shell-shockers.co/themes/shell%20shockers/rs/images/ 148 KB
149 KB 63ms
62ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/images/lg.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9c4dc0b77f932f99a061cd74e00449ba316c28847ba5d208d3b35bfe30d5b02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515693
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151989
last-modified: Thu, 05 Dec 2019 15:34:34 GMT
server: cloudflare
etag: "5ea06-251b5-598f6aa887680"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAY1WnhVp7RqhobvXSRBMdNiEpmTVXNz0TSd65SdwZuWZv0XoGvg%2FIxd3GEBjyN8Tt0XzNhyu39%2Bh7cedlCaQqVj2AxEsLp77z406YqOY%2BprOE5QTu0FlF%2BepFGBpCT31oY9KV3LK%2B%2BNeg3WwJDYgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76936a896b915-AMS
expires: Sun, 09 Oct 2022 08:14:27 GMT

GET
H3 200 shell-shockers-logo-m200x200.jpg
shell-shockers.co/upload/cache/upload/imgs/ 14 KB
14 KB 35ms
34ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/shell-shockers-logo-m200x200.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2cb2c51de8a9f9c9d05e07864f3a3bbff11bc39bfb1503d296ab907048f8680

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14194
last-modified: Fri, 16 Apr 2021 03:31:39 GMT
server: cloudflare
etag: "5fe13-3772-5c00e9e2d8e89"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYanJoK2a4hAb2lzfyDsuRhbHdic7HXpRC9vEeSQrwWq5JP%2BYoUpQ%2FrWRPZhspMmN1KlTjPmvAcvlytbBMDJt2MB0Y4WiujaTBHrTwOJhbl5VGREi2fgus6USX3ysGD%2FuJcEa%2BuJHPMRtQdLdJSqjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76936a897b915-AMS
expires: Wed, 05 Oct 2022 13:56:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 105ms
32ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83db7099a5e308e6ee45948d7166c6db8b93bd9b3413e6753ba57e0aec012d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shell-shockers.co/
Origin: https://shell-shockers.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Qp0woocPcjzJwR4havgSxA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 1TMik51q3RRq5iPRMzNBeQtDsBQ86tDRruePSEKBUShVUbkDhUoMV06ihGVZ5rmUFrgdzgKpHqF56I2TlOWTlQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 9a15744393a018bec2406628daa4c30a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:29:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "db01918ca28dd65c01c9670eae9c9847"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Sep 2022 07:45:44 GMT

GET
H3 200 jquery.min.js Show response
shell-shockers.co/themes/shell%20shockers/rs/js/ 92 KB
34 KB 277ms
277ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/js/jquery.min.js
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 13 Nov 2019 11:25:00 GMT
server: cloudflare
etag: W/"5ea21-16eab-597389d811b00"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGjVeQmmhPuirf0m7Sm%2B8ccMRrcJwYxwM6tCJYsbiVUvG1y4g9wPGKZW3lW3fbHtzST3y2keVm9tlt0xoomm1Hiqv%2FqoyIyt5KNROzV%2BG97R5QNLtLYWI2sRneAbhKNyIA8QUbfjPqoHZoS%2BoM1yAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2678400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76935aeb5b915-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 jquery.raty.min.js Show response
shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/ 8 KB
3 KB 198ms
198ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/jquery.raty.min.js
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eca2486761672e30bd75cc6b58eeb3374c42daa18878dd1a2e8356855845173a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 13 Nov 2019 11:25:00 GMT
server: cloudflare
etag: W/"5ea35-1e40-597389d811b00"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2Q1G8XEf%2FnOwLikjaaJ8s3MnxHSHaR95LOULK%2FcTJwnyClooovEBBDkEAPxr6F73M2eLScRBEHZUmaBHPv9vI%2FN5LxtpApvaMxd0l5nwwIPzzisCGLNrmxzApIoQvfoZb73ZfJQIIQAI0vDtQFxRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2678400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76936a891b915-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 157ms
59ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1640
date: Wed, 14 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 14 Sep 2022 09:02:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 136ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shell-shockers.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 51671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:08:09 GMT

GET
H3 200 fontawesome-webfont.woff2
shell-shockers.co/themes/shell%20shockers/rs/fonts/ 75 KB
76 KB 194ms
194ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/themes/shell%20shockers/rs/css/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Request headers

Referer: https://shell-shockers.co/themes/shell%20shockers/rs/css/font-awesome.css
Origin: https://shell-shockers.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Aug 2019 16:53:30 GMT
server: cloudflare
etag: W/"5e9eb-12d68-58f9de5b47680"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2B1Kz3sYHqZuAfGsNKB6pJ0X8WL5UGQG6BzESN05rAuzooqfnTF%2Ftq%2BU%2FKXdjga3S1wskOWRFvvuGiplxZRNGUVxogyeDv8vQbHR9HvFj%2B2uUQzPiodw4U0qIUyGVP1aFg%2FikwEsrRlpsLM0DtiLng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76936a8a0b915-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Sep 2022 07:29:21 GMT

GET
H3 200 shell-shockers.embed Show response
shell-shockers.co/ Frame F76A 2 KB
1 KB 205ms
205ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shell-shockers.co/shell-shockers.embed
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 41b102ac428bec8c0b2dd9753928a04d02d69e1be7be6921f184a06429e12720

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: DYNAMIC
cf-ray: 74a76936c8d3b915-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:29:20 GMT
expires: Wed, 14 Sep 2022 09:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaFBp6CvG1bDsRlauJGjVB1xBHrh20DUf%2BYGj4G%2B%2FWhlJD6zrNziq7zTaDUfFNEwAed3fMh8msn7F%2FCrJHuj84H81h2VcrYQphWUciS9oDKfM8giy6bCNfTmqLPTFBZwKd5J0hd2OcxdEAdA8MEwwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/5.6.40

GET
H3 200 paper-io-2-logo-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 9 KB
10 KB 79ms
78ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/paper-io-2-logo-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b7c703aa3175bfe52c84decde1589b371f1f00bef84886a31e424cf5925166

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 478075
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9692
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f3c5-25dc-5c0d815156028"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7oduHbJjSmZbl23MMNAtqimXrYzZgb%2BtQCrL4dJvg4GR6rT9Gg0Q2hOXvJkzPyLaRsUDXtS%2F5DvVWf8iRzFoRTGGfRM7g9haB6DD%2BspqE6gh4asetsPW%2FA7Oz9iCHZkFTGFegzNWF1902azl8tpTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937094eb915-AMS
expires: Sun, 09 Oct 2022 18:41:25 GMT

GET
H3 200 hole-io-logo-m170x129.gif
shell-shockers.co/upload/cache/upload/imgs/ 14 KB
14 KB 79ms
74ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/hole-io-logo-m170x129.gif
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a55a48641ac6c0f9b582079eed4f435c171344a3301b4fd7909e01bdce1ab7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13852
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f3e8-361c-5c0d81516c3a0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAroNwXbFrbpzbpYo3C%2ByeOYg4A4w1CGF1CNFdLxPNYuAdIgNabg5gXKUwrKhBn1A8qQfcRrO%2B9br7o%2BaxH00u1JX743byYvHB2ThJs9vvH9O96saUL7Q7eawen9rKsqHivEiDzaCG8YzYMgGygyWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371958b915-AMS
expires: Wed, 05 Oct 2022 13:56:23 GMT

GET
H3 200 deeeep-io-logo-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 37 KB
37 KB 79ms
75ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/deeeep-io-logo-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d2c5e848e74a42621d27b6de0f3d1752df3614c0d44bf138be6d99eafcb1ace

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37537
last-modified: Fri, 14 May 2021 09:07:40 GMT
server: cloudflare
etag: "5fae7-92a1-5c2469366643c"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWR36vg8JGqY4UPxDXlkKHCvXk1VGmuU8m9v%2FScBj%2BCTGIbadicj8GhRH1cljTi1lseiUPlHiHG9LAe7SSh146EiRznmKM2%2FTCoC%2Btn6jP0NmhImuyveooVpMTXj9NJaf6PP20gVKirquqrmIxJCJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937195bb915-AMS
expires: Wed, 05 Oct 2022 13:56:23 GMT

GET
H3 200 krunker-io-logo-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 5 KB
6 KB 81ms
76ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/krunker-io-logo-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d07c737a3828def4546e1305591460eb7c2c048b1a170f23322d8c602ee7847e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515692
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5215
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f2ea-145f-5c0d8151158e9"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbjVy4jpJ8DLnDSQ9faSRjnL14PlZlF6ona3uM93%2Fnyabut61JZOocLMQAgSlO2ACfReVI6WmIcCOeMD6QTqPUW6wtbpeZtzBJGHoZZduyN%2FxiwcqVqUmHgTrCjUPg%2FXZwXPfXDWq8N1jAzcl6H9OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937195cb915-AMS
expires: Sun, 09 Oct 2022 08:14:28 GMT

GET
H3 200 snowball-io-logo-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 22 KB
23 KB 81ms
77ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/snowball-io-logo-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 343522ba0dcda950ebb0299d62738b936771ddbf8f5266291382f1bcb15912ec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22940
last-modified: Fri, 12 Nov 2021 02:02:59 GMT
server: cloudflare
etag: "5f471-599c-5d08ddbc298ca"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaDmtf0xXTwQMc25eY8hIl8gG4VOilvMdWsa0CLzhXPyKnvL7SvH8e8JSUHgwtguU1NuXvKF5gjBFhx%2Brx2mVNCpOO4see%2B4opmgYH28MqjK1b9JliMHzBnUUYjqoGtj09XmCe%2F0g5pDjRJk9pbDrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937195db915-AMS
expires: Wed, 05 Oct 2022 13:56:23 GMT

GET
H3 200 surviv.io-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 29 KB
30 KB 103ms
99ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/surviv.io-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb9c2bfabc8fdf4ee67b44dc0374099d8d338f9c8d70fd2e53bfffd6379218f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29797
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f397-7465-5c0d815134ce8"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJGjoYEwXLTOipip3OmENrNAo4vfEqj2q7mhGOkUhnbmQ8qWuXdG4Yg1B4N%2BwGOTXIlwpoQ5BRF7S2zrPnfpoFt9VdPxaLZqRshBMg4fQEoq3UFizLYidcwO4Hs430VCBTigDV5%2B5cg25le1rLwwRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937195eb915-AMS
expires: Thu, 13 Oct 2022 07:44:33 GMT

GET
H3 200 drift3io-logo1-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 40 KB
41 KB 104ms
100ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/drift3io-logo1-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1c0acb8aaa4518c141bdb4cb8f53a0e4cc579ba71bb6e51794c855ff36df6a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40959
last-modified: Sat, 04 Jun 2022 03:08:08 GMT
server: cloudflare
etag: "5fc63-9fff-5e0968c650587"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNWS7206CsH3UQ2FZGjuN7PkIpaeplnMRJ3RyapyHHT4LTwRQ0fEtfwl9NhvPUjzc2EYbqM7aY7j5qSAdwd2rZxKwjwnxogEidVkYjzc07pV9G%2F6gRhmA0SRcWeCD7hVwr5eGnrZh2Puv%2Frr6SEApw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937195fb915-AMS
expires: Thu, 13 Oct 2022 07:44:33 GMT

GET
H3 200 iscribble-io-logo-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 22 KB
22 KB 105ms
101ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/iscribble-io-logo-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d5ac80f2bcf5ed4ab04f558cdbedf28ba4aae752b0782ba96fa0601320897c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22214
last-modified: Fri, 27 May 2022 02:10:17 GMT
server: cloudflare
etag: "5fbe7-56c6-5dff4cec7d169"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f%2BBuVBx29oacLsccWBEl5Men%2F0BbQLJAizCpSlfSO8aRQ%2FInav7JA2SNIjvCXPkqzRU1%2Fr5eU%2BNI7e6Qy4qikLXgkczU%2FkzjTgXZm0EioMoLI8ytphXeoCsjYh6ZuE8Q8NSae27I%2FV1ZFCAhAjLGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371961b915-AMS
expires: Thu, 13 Oct 2022 07:44:33 GMT

GET
H3 200 smash-karts-logo-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 28 KB
29 KB 106ms
102ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/smash-karts-logo-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caeedeb963b3f25c5f5d03f64e3bb75fa975960808c5c145b6d11ccc6d83c81d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171052
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28729
last-modified: Fri, 02 Jul 2021 03:17:53 GMT
server: cloudflare
etag: "5ff95-7039-5c61b66bdcd35"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6pkSSI7FxAPKFLY72SYUcb5Wz%2FjOsa85ppGv%2BhimsB96tyDbSAl95K%2FWgAhnVeme9Dd9%2BdtnyujJfUQbcPTcF7rYtUH%2BxSUMiP44SvaUwp59KJKIpdSdbAUkQAFrW8sT%2Bo1nbSe00SwTNiwPQUYKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371962b915-AMS
expires: Thu, 13 Oct 2022 07:58:28 GMT

GET
H3 200 slope-3-logo1-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 35 KB
36 KB 106ms
102ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/slope-3-logo1-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6874cdb7e79f067bf2ce4a0b2bd2295fbae3ebf7a6dc3d697fd30882aac924ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36255
last-modified: Tue, 06 Jul 2021 09:54:34 GMT
server: cloudflare
etag: "5ffad-8d9f-5c67168bbd0e9"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSv8Z0TQXbXCglsBV%2F7UuO13ncesypLVWA6Rz%2FeesFtq4mpUNGcp17PzPHEJ9j%2BLzIuRHpcPpNBb9DAya%2F5PXCHCuQQLHtm9%2FcuAnxtJGxL6kdEW%2B3%2FHdshgt1ml9FqZcMf0GUpZ5A69U3wJ3y5hgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371963b915-AMS
expires: Thu, 13 Oct 2022 10:57:21 GMT

GET
H3 200 shootz-io-356x200-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 10 KB
11 KB 108ms
104ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/shootz-io-356x200-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ffa604e9e5dd4a92b9fffbc7c4d26d57cdf12474f46828045e389d4946b7dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10618
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f34b-297a-5c0d81512a108"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fvwBXY9smWNETj5YvtluliRbGXeWn%2FrvK2Po290LhWG8XjsynTuJt6czyY81ifQy2WbYbESme%2B8WnghxXCMoIShiFZ1lFS%2BpO06W0QmU724SXEvdGkaUYEQWhq5Da19%2B8xrtfnXl41KoCTI4RgeAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371964b915-AMS
expires: Thu, 13 Oct 2022 10:57:21 GMT

GET
H3 200 happy-wheel-logo-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 13 KB
13 KB 111ms
108ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/happy-wheel-logo-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f65df8b2bfda1e34247e999246ece53609d49ead40a2d8722ef51c632bcb90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12914
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f2eb-3272-5c0d815117441"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9j4YlEvVEArxYsFIL%2BxsiN0Q0WTxmhHF%2BciOMXaqpEzeeEyHvmdT6NKu3DD6yB0D%2Fdabe4g45cDTeBtuFS4o11%2FwFEoYLnrkrH5SZ76gSBaS%2BpcMyI7sPDzureWeNO%2FiOal7Wfcn3UwUDXAMcXRQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371965b915-AMS
expires: Thu, 13 Oct 2022 10:57:21 GMT

GET
H3 200 5dd0b18fb81d49da82ff459f08737390-512x340-m170x129.jpeg
shell-shockers.co/upload/cache/upload/imgs/ 11 KB
12 KB 130ms
127ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/5dd0b18fb81d49da82ff459f08737390-512x340-m170x129.jpeg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ddb09cc767ad74449d0dc0e532b99819623af425cdd88efe7f908f2ae0590b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11731
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f343-2dd3-5c0d815128999"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fa2Y0xEJ6vSab02aGjz5ZW3Yim7K6Snk8Cui82vjA0i49MA%2B5429HG1Rj5ZGY2W197u5fXq4x5SA4HZBlnucFoSkKz4wIBxHXnavCv4xRTfbk8lwtupnoP7AjOu%2FeoapvehCsMPcZNSzeE%2F%2FROusQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371966b915-AMS
expires: Thu, 13 Oct 2022 10:57:21 GMT

GET
H3 200 taming-io-logo-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 36 KB
37 KB 131ms
127ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/taming-io-logo-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818cd7bb9d5911e0b88fb921eb9e911cb9cd7c75bac6080e5edef269d7b555ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37141
last-modified: Tue, 28 Sep 2021 09:32:39 GMT
server: cloudflare
etag: "5f1f5-9115-5cd0ae5036f2d"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F5VhuDs2IPeANpDkwkjQb5RDWTQXR0jIVvJkTEKvnAZew8svB5jvnAWdUEtMV5xN3pSWnauwAVAWEFtuNWjPPpwg1%2FXVtZWSVqyVWXkb4ynax6xPhMCFwza5qiTwj3MOq5uV0g7Y5jJjSaZzO2QUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371967b915-AMS
expires: Thu, 13 Oct 2022 10:57:21 GMT

GET
H3 200 friday-night-funkin-logo-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 41 KB
42 KB 131ms
128ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/friday-night-funkin-logo-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983030bf59b98e6664bb223d04ef1321af8425db721c2ec52e2b05957ee3099b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42337
last-modified: Tue, 09 Nov 2021 01:46:36 GMT
server: cloudflare
etag: "5f455-a561-5d05147a49ab1"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2xIWhej%2Bp5gi7j%2F%2BAjvbEbhVEmclu%2B8dg8H4z6TbljrF6m9lVS0RA6%2Fxm4hDjUe9f9gsXnlfdSBAefFs6bfO0kF5GZRMdfTJaa4ouMpQLAO%2FK6u90h8pEl0X%2BQMgk5R9NCV4SaiMHa8%2FR7WuYBwfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371968b915-AMS
expires: Thu, 13 Oct 2022 10:57:21 GMT

GET
H3 200 maxresdefault2-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 13 KB
13 KB 201ms
198ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/maxresdefault2-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fb93e1ec8872c0c8bd1b9b440eda32c0b5bf51f186d19cd6315e83fd77c902

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13055
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f3f1-32ff-5c0d815177f20"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj5R%2BNl7H52FH6vMDF6GjN8ZyxYw4rdHpza92FAa6fBOiu6XmAzJpOq7ds8YN97ozFrAWBghRCrUO3%2BDpmhoQKfRzkrXp7rwKz%2FqfGJPhPeJuFti03WHlQqPRcZVBNOCcLtBgvNnquBXDV487WkUJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937196ab915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 superhex.io-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 33 KB
34 KB 361ms
358ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/superhex.io-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3417a906ff14de09f6d7e5f5766e992d41796810fa2a24c7b818c25a840ba78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33876
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f3a6-8454-5c0d81514a4a8"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbKPxRHGbHE2Ib6HrjqYKkYJdesocI%2BgPtTdz7ywNRnLmXHepZkMfjBxSXLCmz2%2FJTHi3nGAT9ngHGP5EInEnicfqJZhi14gSmzUYJzs5%2FYQ6K5INdlHAC0ojMZ99l%2B04Tey3t1c7JM6iCchFNGUjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937196bb915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 swormio-logo1-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 27 KB
28 KB 291ms
288ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/swormio-logo1-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15a48f2664676e25915880d610477a92eda3d48e204436e923d9f4a29f54bf7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28040
last-modified: Tue, 11 May 2021 11:22:26 GMT
server: cloudflare
etag: "5fa1f-6d88-5c20c1bddc426"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcqgRu%2FNxd42%2BT2ovCBcac27GzHsdEIyFTN8tzL3rQ2tPMLcWQIYFZlOFzALzvVIN6tOmgmWPLtbOP%2BgFp6pJSy53cfneT3QuQm%2BWg0jC1ZvqV8emzYXrUQaXb0TdtUxOq32gCnVuhIwlsblkmYMCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a76937196db915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 geometry_dash_logo-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 28 KB
28 KB 284ms
281ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/geometry_dash_logo-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cafbc394ae4f8f5ad91ca7a5dbf659f42e2ebde573a14dfa5c88ddff000fea29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28589
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f3ba-6fad-5c0d8151544d0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV62VD3BsfFs%2F0T29ikWUhTF9pzhWL9pvy3A6%2BYpG7n9cGm1ds829E7bIZ4vQvlCM7Vn6T2iz2R43mjiFJkgLOg45WyGgoXgtno9945OaZ0DE%2FSwR3aNexOvmY8m9p9zYRTpsXgF1IvF7olfBxFcQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371970b915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 flyordie.io-logo-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 14 KB
14 KB 205ms
202ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/flyordie.io-logo-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e11b034cf6479785885a5d635a95a2b2be6184e2598c326ba629274fd36874d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13978
last-modified: Sat, 26 Mar 2022 03:52:50 GMT
server: cloudflare
etag: "5f872-369a-5db17035f8387"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tzKt0oFdNQukFghmGdzNu7VdrSqm%2FA09%2FjB1YCWwc2O2aIyd0ICsaI7%2BH6jy6slskk8EHDt0CPOh9QNqFQhYmJZMBeuogX18TiouAUBpcPK7%2FtEfxttwJXUgf7ysjibLAmbQHc50wT9EIOf%2FKZDeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371971b915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 egg-shockers-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 11 KB
12 KB 203ms
200ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/egg-shockers-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cf16891e349085ae4765317eff29ee9324f61111082f08c66a5950a0a9f9ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11449
last-modified: Mon, 26 Apr 2021 03:53:03 GMT
server: cloudflare
etag: "5f5a1-2cb9-5c0d815242d37"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxI4UGSQjfN7qt9mxVwmMYMTAF4RdrXIYW7BQrfTy5OUBxUXWREsHAe6ejGp6O52CtX5X4fskuzjmP8ZTnx%2BSwtxwLY6814NfnB5aKt020w9ryLDSlcIUVAChEhw1RgG4ZNZCGzCYdowf4vM5hqRyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371972b915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 run-3-m170x129.jpg
shell-shockers.co/upload/cache/upload/imgs/ 7 KB
8 KB 197ms
194ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/run-3-m170x129.jpg
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3461ecae540364af79fac19c7529bf48c24ce96dae654b3cc22d8651af736d92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7293
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f3d3-1c7d-5c0d8151573b0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oiwy0rMykJkmjz%2FwzaO9dL7brTLWWgKOR17ISd1fyHBk2DCB5B9qYEmlim6MRIVS%2FB3LE4QOIBfYHf4eEDH9psHRmCyVKylexC994SWgxZtwvRbNdFLL7gjRJ9d4Y%2FlA48N76NV1TUw2RHr7x3r6Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371974b915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 skribbl.io-m170x129.png
shell-shockers.co/upload/cache/upload/imgs/ 30 KB
31 KB 289ms
286ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/upload/cache/upload/imgs/skribbl.io-m170x129.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673e48d51ded0aa9853d40c5f85b28bbc180e7105e26ca37e0420b575e0a8925

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30815
last-modified: Mon, 26 Apr 2021 03:53:02 GMT
server: cloudflare
etag: "5f39f-785f-5c0d81513be30"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taf1nmHXDmXOLZWJ%2F0L%2BV0BRpJBu6xIRhCDlzo3GfbBnQQPYnrbLjl8eG6ibZ6TcgtrcPfENB6bJeMeLO641WzONMciVOqkk9rgVcxEOCjfz79f4EO1uMTFlO7O%2Ft7BMhI0tWYxWgH7lCmffztsLVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769371975b915-AMS
expires: Sat, 15 Oct 2022 07:29:20 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 75ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=13cff4edc141d8e9be55593f6b0d3971

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cbf0d2c700fab27c821b4836c4024b7f5b47d65fb8ea141bf1f8fa1e2c8f4c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shell-shockers.co/
Origin: https://shell-shockers.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: F2ONVQAAo9K00L578HegzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88197
x-fb-rlafr: 0
x-fb-debug: CmwWSX43vOJB8IEeH7HvpAg1XfIGexSGQT30t6/V55rjkWY3jR5AWYzEJFo8D7+8Cxrgv3NmgXMyIeqUq34aiw==
x-fb-content-md5: b5a537f200d02478b5947af1fb647893
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:29:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9489f54125246a5a19734a91a06e2342"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Sep 2023 05:27:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 192ms
68ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=806162299&t=pageview&_s=1&dl=https%3A%2F%2Fshell-shockers.co%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=87358754&gjid=1133821677&cid=648878179.1663140561&tid=UA-155191068-1&_gid=722503066.1663140561&_r=1&_slc=1&z=1001171457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shell-shockers.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shell-shockers.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 star-on.png
shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/ 631 B
1 KB 43ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/star-on.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd26bf0ea0990cfd808f7540f958eed324b86fc609bf56ec2b3a5612cdfde5f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840770
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
last-modified: Wed, 13 Nov 2019 11:25:00 GMT
server: cloudflare
etag: "5ea32-277-597389d811b00"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzAxWO%2B7nHm6S9HbIThAcGfrFUvcCfsEB6NqhAJbPNfxYJS2H45CmJOo%2Fvr2puU29t%2BIdm8DQyX2UyfO%2FuHXAOLR4qujuq9zReT7UW75%2B9KCkIIFib2Q9Y9q0MP5KEmuDe4A0PkHmdnuEBtPJKqbpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769382c35b915-AMS
expires: Wed, 05 Oct 2022 13:56:30 GMT

GET
H3 200 star-half.png
shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/ 667 B
1 KB 38ms
37ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/star-half.png
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db15fb9b3561d5c741d8aea9ef4f0957bd9bc51aa1caa6d7a5c316e083c1abd5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840770
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 667
last-modified: Wed, 13 Nov 2019 11:25:00 GMT
server: cloudflare
etag: "5ea2e-29b-597389d811b00"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ery%2B3aAVxTtcRRqT%2BVNWGyFZGbADkXdKs9wMSvV1tHCsSo6CBeD0Cbbq4AgcPGp%2Bo9%2FAztDUIR8v%2FhsT1VkYQnknZf6xKbdYemGdeR3isJzGCv6amDFF5MgYJBcTgbIt4jvDc%2BhUSaweZmHjfyF7hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 74a769383c38b915-AMS
expires: Wed, 05 Oct 2022 13:56:30 GMT

GET
H2 200 / Show response
shellshock.io/ Frame BA6D 336 KB
77 KB 99ms
34ms Document
text/html 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/shell-shockers.embed
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6349302d4b18a5a5cdf6e857fba4340754ef1b13998062bee7d721fe28ad8a71

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 4814
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 74a769391cfbb89a-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:29:20 GMT
last-modified: Wed, 14 Sep 2022 06:09:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nmTj2SZJ0oxvqp5yC%2F1hYLtWgXktG2Ofm2XCMLodivp6ZBkgDPxVcLxVz0UzZJ7J15mlxCpKWDKEubEitoNYxxwVx%2FUtiDzcUdR7sEGhLboPgqPLBhzphue1ECTiDT%2FWkuNapuIz8%2F8Z2Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 155ms
89ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4658181883112071&plah=shell-shockers.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bef1731ba5c3f866d0d952102d1910deb5af0f875724067509a38e8c51cff4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124748
x-xss-protection: 0
server: cafe
etag: 4261951765449594729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 07:29:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/ Frame FB93 10 KB
5 KB 189ms
60ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 4914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 06:07:26 GMT
etag: 8616628553774171045
expires: Wed, 28 Sep 2022 06:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame BA6D 7 KB
672 B 114ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sigmar+One|Nunito:100,200,600,700,900

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22158aec120e51bc130646b58e69f125595ccbeea8b2059513f11abde1ef67b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:15:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:20 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ Frame BA6D 58 KB
11 KB 94ms
36ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
Origin: https://shellshock.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2875583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTLz13S9jsmKUG2cIVsDrybR%2FswE7l4CRSUGYIcpsJUuMN28AbWH78MHEDILhPxZPb6UQ2UCWo%2BVhoya%2FAGUVb6RxzKi56e6zOghx7n11Xft3YOeUXXCWQOSBVIZdsXMTUN4cB95faeg6MK6ClpaQy7N"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a76939ca45b97e-AMS
expires: Mon, 04 Sep 2023 07:29:20 GMT

GET
H2 200 transitions.css
shellshock.io/styles/ Frame BA6D 4 KB
1 KB 35ms
33ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/transitions.css?1651709060
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b8ad27f1376c0ca1de3808d2569b6cb82eb407180e2dfe00af025437cfb83c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4814
etag: W/"62731484-1174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vO%2F%2BDtKWtVU0wZEydM5RoiLHLwlN5LpXySUqlQd203LoSz0rBbx65KZcJSSM0zXnHMkLOlH%2Bls2iBbDOb0mKXmQ8iVL%2B1lbeu9rFIeywPuGVKxVp2BGAzCdSKz1rYjJq8ysApqGT%2BPQdjSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769396da1b89a-AMS

GET
H2 200 forms.css
shellshock.io/styles/ Frame BA6D 12 KB
4 KB 35ms
33ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/forms.css?1661800545
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e4345c83cf2dc46888a377b5f8dd24930aafa2274a0b32b16bb1b1d07511b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 19:15:45 GMT
server: cloudflare
age: 4814
etag: W/"630d1061-2edf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=od%2F2jpV4U20ECBQ3hXrA6BjQLVLolD1TciufXJvFw1JN8r7CKHFB8q9fGzvN3cED8YBtmrAPQ5LK%2BnyQ29qUVH01tcMxX8QvHf2ZsYO3R9YQtwFoIsdze%2BFN%2B7HmmH6Ez72uaMjH7ERFjNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769396da3b89a-AMS

GET
H2 200 style.css
shellshock.io/styles/ Frame BA6D 83 KB
22 KB 44ms
42ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/style.css?1661986596
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d7fde9f9900bbd475de47e0e2cc3bd1380f580b17e7ced3a10aaa30bc06df1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 22:56:36 GMT
server: cloudflare
age: 4814
etag: W/"630fe724-14bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVOVV5BThQ9UFHA96%2FdTTnsBm99mqxbmZlEjCwpRqDf6BSk2a1FHzac7OBh9uHgLh5xiASls1qeEKnpffJ0GjdZu8MTceR%2Bq1ryXcQGFABIm6%2FfHBTRsfosYx5%2FBn7W3nWnGXh17oH3L44c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769396da6b89a-AMS

GET
H2 200 game.css
shellshock.io/styles/ Frame BA6D 25 KB
7 KB 36ms
34ms Stylesheet
text/css 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/styles/game.css?1661901300
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc9a98ea104763fd38f67082f53935039097515518e2412c6e027ee1e4f57cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 23:15:00 GMT
server: cloudflare
age: 4814
etag: W/"630e99f4-64de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2DV25kMbOLdg%2BfIKQyiHjSFucqTb3yLs5GCzjm%2F3lC%2FcEBqZlMggJCOcJfeo3C65%2F3RBxOn6ilKHLWdMAdo8%2BG58rJN%2BSXIXZHfDqvMzp0vnF0gDlSH%2BNUpJ13F3vCZmz%2BfEEnWl5%2FfoRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769396da8b89a-AMS

GET
H2 200 crazygames-sdk-v1.js Show response
sdk.crazygames.com/ Frame BA6D 40 KB
8 KB 305ms
97ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.crazygames.com/crazygames-sdk-v1.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

117e39373dff82b1eb656ab77eabf2f27975969f8925060aad772af698ab2dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
etag: "b608de71dc803858472b1d81ed1b3ed0a5091b815a3fafc4f347146bc228f9b8-br"
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7993
x-served-by: cache-ewr18166-EWR
last-modified: Mon, 15 Aug 2022 14:20:30 GMT
x-timer: S1663140561.107806,VS0,VE0
date: Wed, 14 Sep 2022 07:29:21 GMT
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/ Frame BA6D 477 KB
135 KB 137ms
56ms Script
application/javascript 2606:4700:3108::ac42:28be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d631dca2e511b8d901fcf4d50d510069e6c37897b09541c7ee89def2583634be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2399505
x-host: adinplay-1
last-modified: Fri, 08 Jul 2022 08:23:45 GMT
server: cloudflare
etag: W/"62c7e991-7729b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0BX3%2FdM52s%2FNuDTItPQr3YKayVlx46QWG6fvNrCmFRa4XR2mvIKmiAGBT2q%2Bx88tZqkzOA4hLwIzunYHkGl59CggdSAEV6q%2BTU33%2BD7GltxjCSj9WJtegUoXTsyiBp3K42XJ6YXWbc38TOS2dA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 74a7693a9b80b885-AMS

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.21.1/ Frame BA6D 20 KB
7 KB 114ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.21.1/firebase-app.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b9df018a8675ae9a77a534130118ec4d56dcf31f83af2433af4075b62f27721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 02:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6666
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 21:06:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 02:54:57 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/7.21.1/ Frame BA6D 170 KB
54 KB 117ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.21.1/firebase-auth.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8cd9229e312c3f67567739a57f5a89cbb538c53a71f3fafe78808838b0cfc81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55441
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 21:06:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 13 Sep 2023 14:43:38 GMT

GET
H2 200 firebase-ui-auth.js Show response
www.gstatic.com/firebasejs/ui/4.6.1/ Frame BA6D 239 KB
73 KB 157ms
82ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/ui/4.6.1/firebase-ui-auth.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265ff35f4c2f249012008c2aa0c01dc90f5bf323b03366400efc37604cbe0c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 06:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74185
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 21:45:04 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 06:35:25 GMT

GET
H2 200 firebase-ui-auth.css
www.gstatic.com/firebasejs/ui/4.6.1/ Frame BA6D 41 KB
8 KB 109ms
35ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/ui/4.6.1/firebase-ui-auth.css

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f3b516186e63c83ee7f9070a33085c68a865976c03e5041d2f3f60c943d677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 06:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7825
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 21:45:04 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 06:15:57 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame BA6D 9 KB
3 KB 101ms
35ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a7693a8a9ab927-AMS
date: Wed, 14 Sep 2022 07:29:21 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1131
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 17 Sep 2022 07:29:21 GMT

GET
H2 200 vue.min.2.6.10.js Show response
shellshock.io/js/vue/ Frame BA6D 91 KB
39 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/js/vue/vue.min.2.6.10.js
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4814
etag: W/"62731484-16deb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J%2B0qh%2FbGHubuUr5dt%2FBehV3w3FvK7dbRseYAMb8dwTf%2Fwiwa3l%2BBpK%2Fd7%2FgexMdD4wRdKcy8KhwKEjTNuX%2BABFy5N1DzKjZrTCe8zOWdKKxv1lgAg6Ai1YBt9ip%2FfqyAPyZYK5y3qtOl1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769396daab89a-AMS

GET
H2 200 black-friday-banner.jpg
shellshock.io/img/ Frame BA6D 53 KB
53 KB 34ms
33ms Image
image/jpeg 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/black-friday-banner.jpg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224581ff43afbd9949ba9fc161fc565053ef15f3e1aacde253bba928231ab5ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:20 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4814
etag: "62731485-d250"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD%2BS7MwEn96dslL8knHlMx4OQKQhN%2Ft%2F7S56LkKE%2BoKSNpDKXH852cWSBbQMTqQyeJnY6kVa8GQ0zTTToDs%2Bz45sx0ywIwTvdCzfdlhTpMs5B3cmfjetSiV8hw6uQOsyffKpmDnZxtiSGBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a7693a1ef5b89a-AMS
content-length: 53840
cf-bgj: h2pri

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame BA6D 14 KB
5 KB 132ms
68ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://shellshock.io/
Origin: https://shellshock.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 74a7693a8e07b90e-AMS

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
648 B 133ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shell-shockers.co&callback=_gfp_s_&client=ca-pub-4658181883112071

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4658181883112071&plah=shell-shockers.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

01f0fba52012db4f593d80d16cd881e5638f7f6dbc15c5eb5af00a20f6c7d080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 170ms
74ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shell-shockers.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 931ms
42ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shell-shockers.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fshell-shockers.co%2F&tn=DIV&cls=tophere&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA9A 256 KB
64 KB 676ms
608ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&adk=1812271804&adf=3025194257&lmt=1663140561&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshell-shockers.co%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560758&bpp=2&bdt=560&idt=242&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5820490533469&frm=20&pv=2&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a1ee0ef6530db67022f30f4d4941c06c4dfe2e2186627652d57ea3a99759859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65503
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:21 GMT
expires: Wed, 14 Sep 2022 07:29:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F13A 81 KB
29 KB 725ms
667ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=3387905186&adf=3610118697&pi=t.ma~as.2589404083&w=1200&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560760&bpp=2&bdt=562&idt=262&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LMs5zLgH5g&p=https%3A//shell-shockers.co&dtd=267

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cb3ee708a82e5b549d7b08490f8eece635d74a868a6cef442e1427abea07ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30073
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:21 GMT
expires: Wed, 14 Sep 2022 07:29:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5FD 107 KB
40 KB 847ms
799ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=2578728252&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560762&bpp=1&bdt=565&idt=270&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UImC1EFgnH&p=https%3A//shell-shockers.co&dtd=272

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b12a8018316288225dc39eae5e332d35a949282249c33fb2eceb7399b047c515

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMnu7rLhk_oCFQ7kGwodHTUILw&gqi=0YIhY8n4BtLY1gb4zoWwBA&layout=/sadbundle/%24csp%253Der3%24/10208165358550059533/Bram_160x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 40689
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMnu7rLhk_oCFQ7kGwodHTUILw&gqi=0YIhY8n4BtLY1gb4zoWwBA&layout=/sadbundle/%24csp%253Der3%24/10208165358550059533/Bram_160x600.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:21 GMT
expires: Wed, 14 Sep 2022 07:29:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A3BE 81 KB
29 KB 883ms
839ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f9cfc5a589797311ede81b569ce870c6462cdf825f14710d240dcc519a66ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30129
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:21 GMT
expires: Wed, 14 Sep 2022 07:29:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4792 73 KB
23 KB 900ms
860ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d03c23f88681646e7be7714d6e8a731f63298466e2a4a6784cee08e2ab2b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23129
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:21 GMT
expires: Wed, 14 Sep 2022 07:29:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame BA6D 184 KB
68 KB 808ms
67ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5MSJHJ

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

818ee4d56a17164119212f17930b59ed2d3639171ebd4a4595fab5797a48b7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68737
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 07:29:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BA6D 6 KB
667 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/ui/4.6.1/firebase-ui-auth.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:48:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:21 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame BA6D 2 KB
1 KB 887ms
175ms XHR
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220914

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ca11de003a3a6cf3fb71bf8ed1b1b84e7452134c2dca9197727462aeac76475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16101
x-jsd-version: 1.0.1462
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 849
etag: W/"661-7PIfh4k+0RflEATm5VwiiS1I54A"
x-served-by: cache-fra19142-FRA, cache-maa10248-MAA
x-jsd-version-type: version
date: Wed, 14 Sep 2022 07:29:22 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame BA6D 166 KB
43 KB 747ms
36ms Script
application/javascript 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 14 Sep 2022 07:07:30 GMT
content-encoding: gzip
last-modified: Thu, 01 Sep 2022 20:50:54 GMT
server: AmazonS3
age: 1312
etag: W/"d9d3c87337955401df6a2e4474e61700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA6-C1
x-amz-cf-id: Rg4DorQ0cL_RA5o8MyHr-lskKPifUik8yDAsXiRPelxriOeYzjrTGQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BA6D 85 KB
29 KB 793ms
82ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

b2a1888bfaee890a17bf6433cdc4dc908995d363c64d993f1816e84e5075c68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29129
x-xss-protection: 0
server: sffe
etag: "1333 / 841 of 1000 / last-modified: 1663109561"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Sep 2022 07:29:21 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BA6D 377 KB
126 KB 746ms
35ms Script
text/javascript 2a00:1450:400e:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8827dc6e85e78d6e711fe152b384c9631edfe8a9a9237a74a885790114c47ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128594
x-xss-protection: 0
expires: Wed, 14 Sep 2022 07:29:21 GMT

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ Frame BA6D 16 B
358 B 38ms
38ms Script
application/javascript 2606:4700:3108::ac42:28be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SSK/shellshock.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2399850
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCrBUC5FMEgrVjlz3K%2B%2FjY9JLD8eEyrAj1%2BNGKP0es1xPXtcBrdjcQYiu%2BIsym%2Bz3MLtVyxRbsp0ZPVqoQxEuUAPyW78lpjjQKK3r6ryur9kmUGTUAnoMZld10QTNen8%2Fl2%2Fh3PkRfvfKK%2FZn4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74a7693b9ceab885-AMS

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame BA6D 100 KB
26 KB 75ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1a86cfa0a3424cb341030e736bd10936e02a5eef335f68ed157879905aa08d7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26756
x-xss-protection: 0
pragma: public
x-fb-debug: di+e1/NemLQqx2v+i5B5BXaArIpMxZSHyENfvpMIZdRGKJxjd9nt1t2O9O6g+SBP4rnFaJalolMKWFU+RGVm8A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:29:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shellshock.js Show response
shellshock.io/src/ Frame BA6D 2 MB
675 KB 38ms
38ms XHR
application/javascript 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/src/shellshock.js?1661986677
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8793f883c3b983f49f1be0cb088c5375847570f265dc89493b796cb346c43612

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 22:57:57 GMT
server: cloudflare
age: 4780
etag: W/"630fe775-27f9aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14PjF%2Fy11MupPp%2Bse1nWYkHdSRgXE%2FcWTZTEte6l2VRsQmpWY625hOkiLT8y8BmAHCfIz230jLRxBEZNxoTLYLpYj0RsyWCt7ICUvYagiOTqXpb2wEWx8mg930nptQsIMyibD9etc5KAEq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a7693bca5cb89a-AMS

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ Frame BA6D 35 KB
35 KB 176ms
59ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sigmar+One|Nunito:100,200,600,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:06:30 GMT
x-content-type-options: nosniff
age: 123771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:06:30 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame BA6D 283 KB
68 KB 343ms
41ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a7693db922b927-AMS
date: Wed, 14 Sep 2022 07:29:21 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1131
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 17 Sep 2022 07:29:21 GMT

GET
H2 200 BlueWizard-Logo-min.png
shellshock.io/img/ Frame BA6D 47 KB
47 KB 45ms
45ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/BlueWizard-Logo-min.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f80755760a7307e17dfdcc0e9dba7d81e92a5a72dc864dc9a512199c2c4050d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4833
etag: "62731485-ba98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKdOdBktzHLTrhLdcbmJMlftp0XovmIh5etDGXpVKQQUjeQXha%2BxOuK%2F3BJ6mE2PTWSozb6yClh5m4s4zHvLKzKDW8cxIuwKTy3w57An%2BY1UEfb1yFnKuoOXKZeSr8LRi9MrZCsesuIHJgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a7693bea9cb89a-AMS
content-length: 47768

GET
H2 200 logo.svg
shellshock.io/img/ Frame BA6D 14 KB
6 KB 46ms
45ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/logo.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186dc3174ad9f21803148ff17b7bb6b3d775da8bbad831d9dd56c7d7cc32e5f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4834
etag: W/"62731484-3928"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91Q7CsP58CNVUVSjN87%2FPsON080JM34IFIopILMBJZZPILudcrX8BWZjNynC%2B%2BthoTp17MllnwQTJmmycqWU7zgCudFpQ6SKAJ61aDMQGgx6JbQTbYnXBK4cWc22pDHYrgDJX%2BGqNRb3KQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a7693bea9fb89a-AMS

GET
H2 200 vip-club-popup-background.png
shellshock.io/img/vip-club/ Frame BA6D 163 KB
164 KB 46ms
45ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-popup-background.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/styles/style.css?1661986596
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd60a19c003cfd7697cf549e7defd622a78765daf0e10f5aec2c6e3f61a364d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/styles/style.css?1661986596
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:30 GMT
server: cloudflare
age: 4833
etag: "6273148e-28d07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4na6gvLsE3FAaX6UwmA%2FcXB1MwX3DvVGbLNiS%2FyKWAwGUFUai2qKg63XJGhuooqo7h8mPwj3TEUGqLiD9k10DuwSjOP%2FUD%2Bsd8U1eJQP5sk7W8tUi8TOrAH%2FCOFBo11qtUFerib0vyIVNkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a7693beaa0b89a-AMS
content-length: 167175

GET
H2 200 vip-club-give-stuff-popup-background.jpg
shellshock.io/img/vip-club/ Frame BA6D 62 KB
62 KB 46ms
46ms Image
image/jpeg 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-give-stuff-popup-background.jpg
Requested by: Host: shellshock.io
URL: https://shellshock.io/styles/style.css?1661986596
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff2f16b4b5d0a7d8dc536209e04d61870f4216ab2c67fe26e31421911b79e22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/styles/style.css?1661986596
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:30 GMT
server: cloudflare
age: 4833
etag: "6273148e-f66c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gapzkkrIND5%2FpFLENw7VylFAq%2FMjCZMrard09sSoxYvjrvYRFAM%2FrmpP8DOJrQW5AKjZX0ruFK%2F1g9i47Gklr0dX4DL%2BuVDe4Ztdyo5H%2FlTkL65408WZFo3OF1GKxeHspcSMG4BeFeR6Rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a7693beaa1b89a-AMS
content-length: 63084
cf-bgj: h2pri

GET
H2 200 kotc-bg-popup.png
shellshock.io/img/kotc/ Frame BA6D 107 KB
108 KB 45ms
45ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-bg-popup.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/styles/style.css?1661986596
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8ca48ea3cb0c70aed0346f6c9510abf37d1b0db0c2b0c1911da2fd3201def9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/styles/style.css?1661986596
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:21 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:23 GMT
server: cloudflare
age: 4833
etag: "62731487-1ade5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di6AppBIs5VDN1YCsXbLnZvROZPSwJBK6m41X8C9f64OlJRjgPU9MocbzhCyycW1noc3SygYkDX4f843gsh3rXkmbvg5%2FCQRYYm%2FPGbzRbBSuLSEcYyIR8WYqmshvY6Mj8LPZSelhuZwItQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a7693beaa2b89a-AMS
content-length: 110053

GET
H3 200 css
fonts.googleapis.com/ Frame F13A 6 KB
672 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=3387905186&adf=3610118697&pi=t.ma~as.2589404083&w=1200&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560760&bpp=2&bdt=562&idt=262&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LMs5zLgH5g&p=https%3A//shell-shockers.co&dtd=267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:23:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F13A 2 KB
983 B 162ms
72ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame F13A 23 KB
9 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F13A 3 KB
1 KB 142ms
72ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:18:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F13A 17 KB
8 KB 126ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:16:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F13A 142 KB
44 KB 139ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame F13A 33 KB
13 KB 204ms
83ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:07:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F13A 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3XJq0YIhY7PKB4eH9fgPys2ryAixyvrya4myvPGyEL_hHhABII-q_SVgkYSghYwYoAGSuvi4AsgBCakCW6uSSQm_sD6oAwHIA8sEqgTZAU_QnVO1KsCNfKHY6JIQ9astVCDZJoGz5tJ6x1yjJ277b-TyPwUZ_7DJNVfCN_F_Ny-0sV83vpLgKaSKi2OCXg4Rfjt019p9U7TiOVtlCv8xZ71CGk4L2PJrlLWUIswHAkcxD4eCYhtRaorqeQujvM6cmz96Uko6OAUMtrOhrX3hUfy-BU4teVZLDFbZcIlCOUC1LSyOaM5ujbNiV8nWjbnOEkYQVO4jSDdFLrbMcLlMpndLhlQbcj-MhpsPgxZs8pXyipwVz2ZUfntKXqSW_Mwd3vRUXsoiaH7ABNChyMWfBKAGLoAH1sWHxwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCz8FTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwOIFAHQFQGAFwGyFxwKGggAEhRwdWItNDY1ODE4MTg4MzExMjA3MRgA&sigh=YoJLpMqZ6r8&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=3387905186&adf=3610118697&pi=t.ma~as.2589404083&w=1200&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560760&bpp=2&bdt=562&idt=262&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LMs5zLgH5g&p=https%3A//shell-shockers.co&dtd=267
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Sep 2022 07:29:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Sep 2022 07:29:21 GMT

GET
H2 200 Bram_160x600.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/ Frame 2A3C 161 KB
113 KB 126ms
73ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=2578728252&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560762&bpp=1&bdt=565&idt=270&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UImC1EFgnH&p=https%3A//shell-shockers.co&dtd=272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7baeec556b0c87ed71afedc61eea105be22745724cec853d42a4b4875f4f4513

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 171407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 114310
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 07:52:35 GMT
expires: Tue, 12 Sep 2023 07:52:35 GMT
last-modified: Wed, 31 Aug 2022 13:44:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C5FD 0
0 78ms
77ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzSCi0YIhY4nCCI7Ib53qoPgCoLCcr2yBy4_b2hDsmNGdxSEQASCPqv0lYJGEoIWMGKABjKSc0gPIAQmpAlurkkkJv7A-qAMByANIqgTYAU_QkCeTbExo20lBvkk68k_uPlVOgPTPcFHsrOMM_8OLwSD3P2Qr7wNAm4KH_l8BcNa7uOwy0K46MS88DmKbZCd1_4eXVB2NyNPBOsyXMQTi1FlzXZyWFo-3rLxGnDTSv60vvymY22j1j2PkIQl_ZsQqNugxq4xo_tH6v0d3moKT2gNQUy-iEUIrgGFA_5f1sXo1LdI2-U4lUxeTZ3PT_oIekfBV53Qp03t7QxN6D9C5GGGNW370qdChwVCEIeovjRVoxZpIrJ-FJIta-gGP6JwedWrC_lRW6sAEsYW8ppYEkgUECAQYAZIFBAgFGASgBi6AB9zb4y2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCP3hDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NjU4MTgxODgzMTEyMDcxGAA&sigh=w0JmmcYPyGI&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=2578728252&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560762&bpp=1&bdt=565&idt=270&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UImC1EFgnH&p=https%3A//shell-shockers.co&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Sep 2022 07:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame C5FD 23 KB
9 KB 98ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:04 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5015934928793042551/ Frame F13A 12 KB
12 KB 174ms
132ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5015934928793042551/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b624ffad50dd48f3ad137fd29a28a98bdfcedab0a99a67b3075451c0614119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 06:07:26 GMT
x-content-type-options: nosniff
age: 436916
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11777
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 05:43:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 06:07:26 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3406746520427074868/ Frame F13A 6 KB
6 KB 177ms
135ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3406746520427074868/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44a98b28a8ebbcd3ada4c6b83d5dd76094e0992b9c654075a4d03e59396e4c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 15:31:01 GMT
x-content-type-options: nosniff
age: 575901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5824
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 07:48:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 15:31:01 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ba2b213268069818d82f81df4bc20d2619e7057146bcf18f9a9d2c0f0f229a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54572
x-xss-protection: 0
server: cafe
etag: 8730722770596860709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A3BE 6 KB
672 B 44ms
43ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 07:11:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame A3BE 2 KB
936 B 134ms
132ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame A3BE 23 KB
9 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame A3BE 3 KB
1 KB 154ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 06:48:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame A3BE 17 KB
7 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:16:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3BE 142 KB
44 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame A3BE 33 KB
13 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:07:33 GMT

GET
H3 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame 4792 10 KB
4 KB 107ms
70ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 15:06:41 GMT

GET
H3 200 02632b5986d153635495a6e5331c83d6.js Show response
www.gstatic.com/mysidia/ Frame 4792 10 KB
4 KB 113ms
77ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/02632b5986d153635495a6e5331c83d6.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c76f9b25bafc531d4218b90bd300b95cc09216ef4e28b181b190d347e4dd1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4445
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 15:06:41 GMT

GET
H3 200 2e4af17640cb32bc996b7903b1b5a7cb.js Show response
www.gstatic.com/mysidia/ Frame 4792 19 KB
8 KB 97ms
61ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 00:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7793
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 00:28:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4792 8 KB
893 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:41:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 4792 2 KB
902 B 66ms
66ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:17 GMT

GET
H3 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 4792 6 KB
2 KB 95ms
60ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 16:51:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 4792 23 KB
9 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 4792 3 KB
1 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 06:48:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 4792 17 KB
7 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:16:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4792 142 KB
44 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 4792 33 KB
13 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:07:33 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame BA6D 49 KB
20 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1642
date: Wed, 14 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 14 Sep 2022 09:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame BA6D 213 KB
74 KB 193ms
70ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-79NWRZXYCB

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

200dc342a32aa221914e14da19eceefa1f28f793075d2d3787a25e1b7bc52e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75631
x-xss-protection: 0
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H2 200 en.json Show response
shellshock.io/language/ Frame BA6D 49 KB
20 KB 34ms
34ms Fetch
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/language/en.json?0.42.18
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e804add8676a2cb061eb299cc9f9135f8f28c076f0594e1a80d4d8516a8df9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 22:56:36 GMT
server: cloudflare
age: 3702
etag: W/"630fe724-c516"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKF%2FEu6tqoWIoNZoROK%2FRt1KNJvCPmY8yEpuyXKmhyg5TKo3uqHBC8mxEqeLP38MgVS8d4XCWCsLPA8d3WROgrrk6CT5eLMirzpu2LWD38BpFCdHvxaryomwgvin6K7075HjCn73d9SWvg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76941fe93b89a-AMS

GET
H3 200 771186996377132 Show response
connect.facebook.net/signals/config/ Frame BA6D 293 KB
84 KB 35ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/771186996377132?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d1376f23a0dcd2062c169cb3a966923e585a91e9d4342cd25097f6031803cdf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86265
x-xss-protection: 0
pragma: public
x-fb-debug: 5cH3Fcpz/sIG0grCoTfSy/SY6k4x5sAXGgrUf5vAxq/WuYO0tFDxYU2ghNc5LalelMcV9m3QZjepBrP1VX8kMA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:29:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A3BE 0
0 76ms
75ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBVdV0YIhY6T0B5mIlgSij5O4CZi_6ZRrstvg5_MPv-EeEAEgj6r9JWCRhKCFjBigAaiSmIcDyAEJqQJbq5JJCb-wPqgDAcgDywSqBOEBT9Aj4NGs6pPTH4xNs5H8grfYQJdn_8oANzqlOHEvYe9b0HseAerC_5saSoXdaIwe-HyEn41qjwJ7IOLzK_w-VTuV_mYqmMGP9KmhFF2K-CTCuZjCBh0WWtVkwTFIH93uAPtbcW03OWmd0JMnUWR5KaLVX7yhUgTbF9Qr1Qzn7CMk7nbwCCj0VHc6XZ8kmDCSGpbiKuvdJovQs8ue0CaHSkf3tm1_DoDKXHgyeNCue87Lr9bsgyW06rgo_YmZqNUIywzZeqr5L__Bg9yuuUcMqfPxG1KtprYioMVHm4P5ImvUwATUp-yBlQSSBQQIBBgBkgUECAUYBKAGLoAHwO3neKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMPmC9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NjU4MTgxODgzMTEyMDcxGAA&sigh=QF7MdhbLS34&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Sep 2022 07:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/dae68bc6-167c-4012-8644-90fe9db39950/ Frame BA6D 7 KB
2 KB 55ms
46ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/dae68bc6-167c-4012-8644-90fe9db39950/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f94608fec56dbf53146ac068d984bfdce6c8c29d5f4a59907907d0b82de4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 470
cf-polished: origSize=6864
status: 200 OK
x-envoy-upstream-service-time: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b268ef18-01a9-4f16-9fbd-24d9d6eb8dbc
x-runtime: 0.032512
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80213f394420ba9d3adc4baf80570d6e"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 74a769424999b927-AMS
access-control-allow-headers: SDK-Version
expires: Wed, 14 Sep 2022 08:29:22 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame BA6D 0
307 B 40ms
38ms XHR
text/plain 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshellshock.io&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 02:40:01 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
server: Server
age: 17360
x-cache: Hit from cloudfront
access-control-allow-origin: https://shellshock.io
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: A_x6swqiMWT-t4g1FlufTA7-BNVuiaLDfynOWEW1myaN0F9ugoMc-w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BA6D 6 KB
3 KB 105ms
34ms XHR
application/javascript 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 14106
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Wed, 14 Sep 2022 05:14:43 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: tx0XROT5dqIGezxZY9j-tKG43bo9n1ryCqKFSvKXEbeMaTBm9McfFQ==

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/11097340403102972459/ Frame A3BE 36 KB
36 KB 91ms
37ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11097340403102972459/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a233bcae0f4976d138c50c9f260a4999c6496eb4548c782784633fdbc8ecab3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 11:43:22 GMT
x-content-type-options: nosniff
age: 71160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36791
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 14:10:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 11:43:22 GMT

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/12619686534100969949/ Frame A3BE 2 KB
2 KB 114ms
60ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12619686534100969949/2728354180183721846?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40938aab5e60580b6bb7feb1ce269cc1befbf6c5c27308c8400ba6daa569a8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:14:11 GMT
x-content-type-options: nosniff
age: 108911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2516
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 00:53:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 01:14:11 GMT

GET
DATA 200
OK truncated
/ Frame A3BE 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl_2022090801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BA6D 382 KB
130 KB 182ms
61ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133090
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Sep 2023 07:12:39 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2A3C 9 KB
3 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 04:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 15 Sep 2022 04:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2A3C 26 KB
10 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10208165358550059533/Bram_160x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 15 Sep 2022 04:52:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C14A 143 B
163 B 35ms
34ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=2578728252&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560762&bpp=1&bdt=565&idt=270&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UImC1EFgnH&p=https%3A//shell-shockers.co&dtd=272
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame C5FD 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 06:48:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5FD 142 KB
44 KB 121ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 113ms
45ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=shell-shockers.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 185ms
66ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shell-shockers.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/ Frame D85D 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 05:53:05 GMT
etag: 8616628553774171045
expires: Wed, 28 Sep 2022 05:53:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/ Frame FCA5 10 KB
4 KB 33ms
32ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 05:53:05 GMT
etag: 8616628553774171045
expires: Wed, 28 Sep 2022 05:53:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F13A 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b34f09ab8b0185a87f37efae7226f77abfd8870021f64422bd5219183a61a749

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hotjar-1519513.js Show response
static.hotjar.com/c/ Frame BA6D 4 KB
2 KB 122ms
41ms Script
application/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1519513.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5MSJHJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-123.fra56.r.cloudfront.net

Software

Resource Hash

292df53a6dd9f0672c3ab1f4d20bd29fcf590183976c363b33f594f98f522872

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 56
x-cache: Hit from cloudfront
date: Wed, 14 Sep 2022 07:29:21 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/b155dca2a53cf00fe773c81469d83148
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 5U1-Q4v68tQrUcuN3lmS8B5LqPPPsZHLoHaqFOKwI-Su0TkplT9ELw==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame BA6D 41 KB
16 KB 203ms
97ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5MSJHJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 07:29:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame BA6D 213 KB
74 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-79NWRZXYCB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5MSJHJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd6d444176a48eb87ab5e4a10ac6a94e1c49e1ef95edd29c5286607bc2d1be47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75602
x-xss-protection: 0
expires: Wed, 14 Sep 2022 07:29:22 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4792 0
20 B 68ms
66ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgodCAEqGWJhbm5lci1sYXJnZS1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAADgYkAwBAoNECshAAAAAADgYkAwAQoNEAMhAAAAzcx4l0AwBBIaQ09uNjdiTGhrX29DRll5YWhRb2RyU3dINkEiFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4034990647646280414/ Frame 4792 6 KB
6 KB 36ms
35ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4034990647646280414/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87aaf6a219dd9f07753cc7f81628ee7017631478344a20d0ac1d3df05601a629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 09:54:32 GMT
x-content-type-options: nosniff
age: 423290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5905
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 09:08:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 09:54:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4792 0
0 79ms
76ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChnGH0YIhY6nOB4y1lgSt2ZzADom3sK9s5uG4iqcQz7e-z4gKEAEgj6r9JWCRhKCFjBigAYbmyPIoyAEBqQLqE4Y6R0-zPqgDAaoEzAFP0Hn0g47BWB1P-v6IzVAYHk_ztB94dkawj7-bOhdjxyUdmt4blL0cM-I8QZ68YEyYK9PWaTYOLh9ejAujLbbagHWxsnp0Q-lL9vdNNz07cmXq2f1Wtt-SeQqAethxBoSAGdp2Rhuaz07Km9q4HoPCG509wwlM22pezlpTTH9Tfe8tzz1Z4lWF7Lc3GzgGi-HBtV0rm3b3J-o3evy6Y-9hBXO0qZUCUxd6MarOw-uoNs1DYfAABcxuenhytCryXco75bgJSuL4cSedO83ABPi9iPOPBIAHhp6Z0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCAiA3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTA4gUAtAVAYAXAbIXHAoaCAASFHB1Yi00NjU4MTgxODgzMTEyMDcxGAA&sigh=Q4aK70IHgeQ&uach_m=[UACH]&cid=CAQSGwCsnQUxactBHNF9mgjB_s9n5BtPuObqbbmm7hgBIA4&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Sep 2022 07:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E20D 143 B
163 B 35ms
33ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame BA6D 4 B
24 B 69ms
69ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2085741407&t=pageview&_s=1&dl=https%3A%2F%2Fshellshock.io%2F&dr=https%3A%2F%2Fshell-shockers.co%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers%20%7C%20geometry.monster&sd=24-bit&sr=1600x1200&vp=1000x650&je=0&_u=IEBAAEABAAAAAC~&jid=495513622&gjid=2075010868&cid=895818811.1663140563&tid=UA-105800112-1&_gid=1725351769.1663140563&_r=1&_slc=1&z=1259638381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F13A 15 KB
15 KB 62ms
62ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 157325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 11:47:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F13A 15 KB
16 KB 61ms
61ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 266381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F13A 15 KB
15 KB 73ms
72ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 516451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 08:01:51 GMT

GET
DATA 200
OK truncated
/ Frame A3BE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b87165160ab61e21e36be74fe46d417b49609caa295c677ae8448e183ec019c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4792 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5da0962ecc6de3e97968595111a2717893f7d7c8890656989d3d053e21bf8cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3BE 15 KB
15 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 516451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 08:01:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3BE 15 KB
16 KB 74ms
74ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 266381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3BE 15 KB
15 KB 88ms
87ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 157325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 11:47:17 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4792 0
20 B 66ms
65ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgodCAEqGWJhbm5lci1sYXJnZS1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEAohAAAAgJmZJkAwBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDEwMDB4MjgwMAQKDhAZKggxMDAweDI4MDAECg0QDiEAAAAAkJnJPzAECg0QBCEAAAAAALKXQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAABlQDAECg0QBSEAAIAzM7OXQDAECg0QECEAAAAAQOHWQDAECg0QESEAAAAAAFHRQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAACamWmZQDAEEhpDT242N2JMaGtfb0NGWXlhaFFvZHJTd0g2QSIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 crown.svg
shellshock.io/img/kotc/ Frame BA6D 874 B
652 B 33ms
33ms Other
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/img/kotc/crown.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/js/vue/vue.min.2.6.10.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bea97cade95d292d8d504b1581bdc255ecdc6aa0433361bcc3e95a1062f3d06

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4792
etag: W/"62731484-36a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nX5lFM7LQWv9kYSZ2aR2NsNWSuleXRNshOlh0%2BHKja23XzpxJEb%2FzX9rsuTpfKsv5f60U%2BryWbVjfwH4ukuSvG6dEQQSnyRJRk3rqCuHqOv4ZAjrhTYafgMOUz9TENKHG3nd8xC8R8Eramg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769463dc2b89a-AMS

GET
H2 200 chickLoop_sleep.svg
shellshock.io/img/chicken-nugget/ Frame BA6D 130 KB
19 KB 40ms
38ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/chicken-nugget/chickLoop_sleep.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a776afe2912e17ecbb37612670852711fbff04ac8d55b55e8c5da2b082f47b4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4810
etag: W/"62731484-20979"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FHCjSUcX0FjJTcZ1I1D%2BcNmtztystyQDJdX0AtGBACewUzJR1Wr6YMx8bZHPBUUOHbbJHvT5pvSMEa9Uj2bOx3LsSOI61xflgL0CZvqHtl0y%2FaeFx%2FYpv%2B3OBdFcBUG15%2FZg2jWTxzPA1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76946ff08b89a-AMS

GET
H2 200 vip-club-emblem-sm.png
shellshock.io/img/vip-club/ Frame BA6D 13 KB
14 KB 36ms
33ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-emblem-sm.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3290f38fc4f2f9a4a8611c767ca2b2f2a83eac6fdd92c59c6af8217438e8f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:31 GMT
server: cloudflare
age: 4781
etag: "6273148f-34aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxCa%2B8M4kNH5RneLaZQJXswtALfo6gZVAsazfFdsy4BPznU671a8NRwr9FYne4PZEBWKKSHEZhr%2F9gSYJ9gZXFNNISA3Mu87L8Gd%2B4vyWdQvtSO7QzVqRC1qmje5N15Jm%2B1u6ohs%2F8Y2IIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76946ff09b89a-AMS
content-length: 13482

GET
H2 200 ico_goldenEgg.png
shellshock.io/img/ Frame BA6D 2 KB
2 KB 41ms
38ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_goldenEgg.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc493724fbc4c37c524b9bb01e40df75b7250e7e61e2424823305e301ed9d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4811
etag: "62731486-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCS6kLwn3g%2BwiNzY4iwam%2FvBn10e8oEmdZy3yylLzdlUv2IBZyskoB1lwBGDA2mb3wSn9fKawa340urgfRIwIRJN3bg8X3ulKbADRVxKvuJe%2FHhNpW7dj%2FDByIP4Yinq%2FaW4udoBoYWUvhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76946ff0ab89a-AMS
content-length: 1592

GET
H2 200 mudGulch.png
shellshock.io/maps/ Frame BA6D 122 KB
122 KB 37ms
34ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/maps/mudGulch.png?13l8wfir3eo
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5100f6c9e27dce147823eb5b2fb74384e5c1224dfa9b82c1c44698881c16cac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 22:57:46 GMT
server: cloudflare
age: 3172
etag: "630fe76a-1e769"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QohnTPZ4Hf5OC4JHu9l7iUgGlmgtzZ1sS9yTHoA13z5gQYbdloaGxePIv6oDrBTWDxDI0jTeCUiib13zAdbAdjNKlb66RZXVKKRL1Ol6zWD%2BhMXxPO2tvgqjsAEfTc2huXjHkXP5Bj4jGMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76946ff0bb89a-AMS
content-length: 124777

GET
H2 200 ico_eggColour_normal.png
shellshock.io/img/ Frame BA6D 432 B
754 B 39ms
36ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_eggColour_normal.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc8de3484f9a597c771d71f9520b3d4b88b3d7d7f31b6714b00d408bc1c6bbb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4811
etag: "62731486-1b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obgzuQ4IO%2BqwspYomd5BxtkSo8RTwZs9KQg242pH0oQVa50zgflcmGKy%2BCDu1xulg4rHMSLDOfJx9oJUVObAOeLkni9rMYo0NGyUhUBoHeyG1SWkamNe2rxQESgz7UCgyXPkqsZHd5ZVx%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76946ff0cb89a-AMS
content-length: 432

GET
H2 200 shell-mobile-cta-min.png
shellshock.io/img/mobile/ Frame BA6D 77 KB
78 KB 41ms
39ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/mobile/shell-mobile-cta-min.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf9b6e0006d7282179f13b0a54bc89e94f8868e0fa53d1d6fe46df1f038025e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:24 GMT
server: cloudflare
age: 4811
etag: "62731488-134d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoAx21jk9QNBXU%2Fy1UKS7Gq1XV8px2MeePrf7ihzLmJaIzweC2QoFhXErpnhj%2Blg0TUIPwIH16ODRsfasF3gQ9cVRbrWoz8MCbrSrAur1i2k%2BjtH%2Febl4XWVxg2eh6XdHNfHLB%2F4BJH%2FMOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76946ff0eb89a-AMS
content-length: 79056

GET
H2 200 ico_weapon_EggK47.svg
shellshock.io/img/weapon-icons/ Frame BA6D 1 KB
968 B 40ms
38ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/weapon-icons/ico_weapon_EggK47.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b006b75c0008f4002fc0d5e8fd096f6be916bac2f3ac03f1358825a41026ff4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4781
etag: W/"62731484-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FEHcrw5x4QOV%2BqJwRmecsZl2B0v%2FuY09xwg%2FAvLg0U2ZrysvS9YWSqMZ6egJEpgMdC4FuBd1mKMKYQ7%2B5CCAn9hI%2FypwBTIWLwMZsMxIYg0IXICy7%2FIiFLCcGp0VNcc1lOghP0yF1CrNpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76946ff11b89a-AMS

GET
H2 200 ico_weapon_Scrambler.svg
shellshock.io/img/weapon-icons/ Frame BA6D 943 B
936 B 38ms
36ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/weapon-icons/ico_weapon_Scrambler.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f56c2a045c9dd87d7eecee5f27acb2e90ddb639389866776edb8ed97098961

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4781
etag: W/"62731484-3af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ardFbYGzu25WuCZJjMPW%2FeG6p5LuInjw4Or4DL%2BqFUxLd5chM7EB4MYZRi3IxWVKSrKbTfpgD59ikuhm8kdrCJmDaFXfDrioKXkiAzRzMB76GsUSd7XNnFjUxvY%2FzuANH53ezDbDFPOLFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76946ff12b89a-AMS

GET
H2 200 ico_weapon_FreeRanger.svg
shellshock.io/img/weapon-icons/ Frame BA6D 1 KB
1005 B 35ms
33ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/weapon-icons/ico_weapon_FreeRanger.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65aa0b4c724e1c5e6d6022f2f8598a005d24bb62264ee04dc766c03666dd0783

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4781
etag: W/"62731484-46a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw3lKNlTolgzvSEG2hRhBlLkU9Tn71mEsKmf5K%2BIMEzp9Nzu2JIAig4k7BxhAll6GIFqRPN3tBD68rZj2nR2sL3FwhfYe99usbJQz%2FlsKSl9eMtC2nnKq%2FvT%2BZg2apQsAyFew6yWCbjHkFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76946ff13b89a-AMS

GET
H2 200 ico_weapon_RPEGG.svg
shellshock.io/img/weapon-icons/ Frame BA6D 1 KB
1 KB 40ms
38ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/weapon-icons/ico_weapon_RPEGG.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45371d9100463ad99a76cc844ec902ae3337afaa1cc0521d11e48f0a7dda2b27

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4781
etag: W/"62731484-4d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtxQ%2FG9vnLK50XrONxZDBeboiUX3XHGm5Tu4MDHQOWO2Q%2Bz6Z8Yp6%2FZnhaUfqCDm%2BjXItJAJTrNRqV97P0wpGkQ5vd8UsKhTX6TgR84nQBe1hCVwnY6jmBvYC8zlGsu8yFEeUz31XYGKu5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76946ff14b89a-AMS

GET
H2 200 ico_weapon_Whipper.svg
shellshock.io/img/weapon-icons/ Frame BA6D 1 KB
1005 B 65ms
63ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/weapon-icons/ico_weapon_Whipper.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aba4a30563ad76a60953fe925d2971c07dddef9d155897eb02aee927af6dc20a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4781
etag: W/"62731484-4ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tKq27iOC1CXbTBaiT9Tsow%2FaL03mf%2BfAGurmX%2BUUh4Xz2zUa8DqAxsIjqx%2F0Jt6LWa3FSDsuNOjg3tp6bXaA2dTWCD2wlwibBbfcTA0yluzrKqXGL%2FOZMODOkw8esaWnRslezy4ra9un1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769472f60b89a-AMS

GET
H2 200 ico_weapon_Crackshot.svg
shellshock.io/img/weapon-icons/ Frame BA6D 1 KB
1013 B 61ms
60ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/weapon-icons/ico_weapon_Crackshot.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6bc6400fc77bf7c35e9cba871123f41f8a3790405c82558ee6cd7eaf555b639

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4781
etag: W/"62731484-49b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39z4xKHq8xjNQFZFljI0VmBHIR7NNsqL1lkLH5nerVdd4z6YU1INd5aT9RbYTNJ6GUEmz3VYczzCvCmHleh55W5fQcbH7hnwSLl7JrJMlBOdQLrK3K4V4EKynfxVGkuq9bEec3cTYohW2Gc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769472f62b89a-AMS

GET
H2 200 ico_weapon_TriHard.svg
shellshock.io/img/weapon-icons/ Frame BA6D 863 B
829 B 62ms
60ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/weapon-icons/ico_weapon_TriHard.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03e6992844a83a2b3312f07180ae94bfff7ca1f97166e4b158c550c28ebef835

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4781
etag: W/"62731484-35f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Vnvg1hjzsje7Bs0TbVN8wGezJgsdmSiU0zcOwLIfUmW8A1IunJUeXScOckq0nkBjR14twBtW9zFh4vwku3SUI9ESBkh6aL%2BNsSrsx80iM1iQkXYG28OrrMaikAgTVL5TPYu7FljoijrzCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769472f64b89a-AMS

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ Frame BA6D 78 KB
79 KB 99ms
63ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://shellshock.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4024067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpocvuKvqPFLIFsJd4b3tHzz%2F5IEeOGuPbVO8ac7jXSDOUpuGawGCO8KdzPyLxlrQ9SuV2n52THizqIXbi8ce7N24EHgYyEk%2BhTDwEQDRNzBSe8hk%2BwbndfaMZRtakLqBQu8aR7Jw2cd6tV2GQNT0SGm"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a769474a3db718-AMS
expires: Mon, 04 Sep 2023 07:29:23 GMT

GET
H3 200 co3DmWZ8kjZuErj9Ta3do6Tppg.woff2
fonts.gstatic.com/s/sigmarone/v16/ Frame BA6D 42 KB
42 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sigmarone/v16/co3DmWZ8kjZuErj9Ta3do6Tppg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sigmar+One|Nunito:100,200,600,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e7f97482ae0d4ab6990d049c22c207d33578cbb81a52bc6aad349f8bbd6d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 00:36:32 GMT
x-content-type-options: nosniff
age: 543171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43360
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 00:36:32 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ Frame BA6D 76 KB
76 KB 72ms
36ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://shellshock.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3585253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77400
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-12e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lu6V57U2EskJjXZ2o3yE67jOREf0FrOBqIdj9%2Bich%2BBkyGBgzKF1ouRoQkUIuEEZ9gtv%2BjuRcnHyQPE2KvKfojDIydxersoosNt8Q3W8%2BRPTF9RL2IYpXzaCmnr29kp33fUrgSqZ6jdR2rn%2Bk8ZCN4uH"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a769474a3eb718-AMS
expires: Mon, 04 Sep 2023 07:29:23 GMT

GET
H2 200 sounds.json Show response
shellshock.io/sound/ Frame BA6D 13 KB
3 KB 57ms
49ms Fetch
application/json 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/sound/sounds.json?0.42.18
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d4b004f7fb693779b5f6f23d659a25d527a4a36e2a096d906cf05710d9976a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 25 Aug 2022 22:27:28 GMT
server: cloudflare
age: 4792
etag: W/"6307f750-321b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxaJmweIWghHdezmhBvhIFS54Ipigt8EFvlTY8zZQ%2BemlS773%2B2fRIqo%2FAtrBg%2F7Ext%2FsSSRht%2BziWz68g3PQeTbHeR2sHDFrpPbfZQJ4F7AWHt52SN4ofspd8ROdJGY30A1PkhObwRolNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8b7b89a-AMS

GET
H2 200 blue-wizard-logo-tiny-min.png
shellshock.io/img/ Frame BA6D 4 KB
4 KB 52ms
42ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/blue-wizard-logo-tiny-min.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e2562f7fde7fdc20e3ac0df2a98e349b8d30a25b912f736f6c33ac917f5fbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4807
etag: "62731486-1031"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtOyE3RGu%2B%2FZY6fC0FCtPeSqqK%2B2CCwzOFgi5StpjVVHRdy8UQua3WlokCftfDrTmFQM181IP73KRZlCvo2VUBnrBHN0JVCeT%2BSjeBK2OiwJNOUxOnjmA3Fji6Mvyk0GUDAYWEE9pXuPogc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8bcb89a-AMS
content-length: 4145

GET
H2 200 eggPose05.png
shellshock.io/img/ Frame BA6D 62 KB
63 KB 53ms
43ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/eggPose05.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6383353070129c103b1a78f595ea41b2bbdb5b0c130e04d0076e29bb30ac8c92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4793
etag: "62731485-f9ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsfFRkumDl3%2F0QnJup0IyoABOJysJT4fZVYC755CzOUt0PzF2j62m3a4w0Z2I3H6VolyROqhW%2FNDvkLfryY%2FwxEWIDFh6yuslTAx8yEJlKON0rO0VCpwjeqGvtmomqivulSvRUGrJ%2BfCcpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8beb89a-AMS
content-length: 63983

GET
H2 200 eggPose01.png
shellshock.io/img/ Frame BA6D 75 KB
75 KB 59ms
50ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/eggPose01.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cba45ddd3f0fd36ffac9228945b397967fc9f39bffd93ed71e13459dcc4158

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4793
etag: "62731485-12c28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxIL7PmGfJVuIb%2FH7pAeImdLR%2BRGaTC9McRAo%2FWI6EL%2FT1%2B44jcIklB01Krg1FtAxwaeN7RPIGYiFgAaOqi6fxHv8CT4QIITskuPVOLuxxI9LRHwQgaBOOL7rcz6MuH%2FjJ3QRoAIC4PnT20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8c0b89a-AMS
content-length: 76840

GET
H2 200 ico_weaponPrimary.svg
shellshock.io/img/inventory-icons/ Frame BA6D 1 KB
969 B 60ms
51ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/inventory-icons/ico_weaponPrimary.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13be644b583fe1c021650b4b272a4e076ec2f2707ebe56113839a641d3b42300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4793
etag: W/"62731484-496"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY%2FcBlYaF7txZTEmC2igp0XNXlVh1Q96RznoaOGLqmOI2KjK5EX7b2jCD9yQuEhH3DrvZ3uJ55%2BvSz7Lmw5t%2Bykz2Y66%2F9R%2BL3u7wIfMZ2u3%2F5LaNunEFHVWzbo6bMZ8aeL0yUIjLCplnMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8c3b89a-AMS

GET
H2 200 ico_weaponSecondary.svg
shellshock.io/img/inventory-icons/ Frame BA6D 1 KB
1013 B 52ms
42ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/inventory-icons/ico_weaponSecondary.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676aa4f86e6ebddf660cfeaa012333175e2686905bf18de6139d8f9e12ef9ad4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4793
etag: W/"62731484-5bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BRqz1H7lQMvIQ0qQbAEEuPiNr2H4L4UUw5CYXbMsxO7Xtd3hny5NiqY7tKOTasfeEuKKrTyHkOZAPHOeknvqMjT7pWwtSYGhVsxhbFDTMZZnuyVaDE5IvuCE3Mu9rEHWzTusKuLXDnbE1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8c4b89a-AMS

GET
H2 200 ico_grenade.svg
shellshock.io/img/inventory-icons/ Frame BA6D 620 B
666 B 49ms
39ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/inventory-icons/ico_grenade.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f7afac9fcb63409517c8ae63dc7429f524d38995d043ae6d4cbd172e1cd8b12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-26c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGWq7qp%2BW5bgQxwqEqW6tOwh4vPRBf06%2Fk5ZCjW41w5AOoMAVC99lukEIU4Tr%2F%2FuqwJEDQTKz7c%2FWJ5TVypmtDlfZSVdvQZkUwolFtrPcR9HH46uz67mNGr1GwXH7VfrXSIjyCqFTAFsAnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8c5b89a-AMS

GET
H2 200 ico_hat.svg
shellshock.io/img/inventory-icons/ Frame BA6D 364 B
584 B 54ms
45ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/inventory-icons/ico_hat.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b593305a425c1536c88c16d2271443d42e95972f95d848cc98afef9f18301d27

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4836
etag: W/"62731484-16c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7t5XQldz1fykRWjRTm4cMRXXBnw0EaZilMPnEWBtbC4fcdXHuMBkgVezVpSKAuNyuSep%2BkQFjRHZ%2FkHsPNQyjrynuF7KjwteVoyBJ0MHwSIy1lPSrMegbiK0YcKgP8A8TKQYZJLA3qZplF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8c6b89a-AMS

GET
H2 200 ico_stamp.svg
shellshock.io/img/inventory-icons/ Frame BA6D 572 B
743 B 50ms
41ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/inventory-icons/ico_stamp.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a119ae002eba961d35c7d12546c37e8fd359d78ef7c36c1ac2bad7834f74f6df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4836
etag: W/"62731484-23c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2914yJ6OJUWV%2Fq5wM60Gd46EEQSbfvWIGVqt3Lx4rJgWb%2FfKgXTgdL6en9slfoD%2BYx%2FqztPxZ2wZdJVO9kmg97bK7NQT51yvTkaeiv55b%2F%2Fjk0%2FaNN0q93j%2FVDRO3RkQk%2BNSxdzqMn4Bsqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8c7b89a-AMS

GET
H2 200 ico_specialItem.svg
shellshock.io/img/inventory-icons/ Frame BA6D 427 B
569 B 50ms
41ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/inventory-icons/ico_specialItem.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7398aed4075b695ea2458faa126f56d46d9f4cd217abfb3dfbea890cbfdabc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-1ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxipAclq%2Bk7Q7WIz9QcKRtM53RhoOkoc9CZOmcwc90GI9hWxATK5A1Aia1hWmluz9BzaUAuQKo3sSKeB4KO3PvUIKy%2BBh334%2BzMr08iv6fJ3x1okNOe8%2BdrbFEoyjr%2FOwxVeAYUBms%2FO5Ts%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8cab89a-AMS

GET
H2 200 ico_chickenBadge.png
shellshock.io/img/ Frame BA6D 6 KB
7 KB 58ms
49ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_chickenBadge.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b87b04c9eb97bb2d5fe49b24c9584f7e22c24422a11f00668a37a166efc91d2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4835
etag: "62731485-1942"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miP0b7SzJU%2B%2FJ1GHU0z8pEBBUAwUTNJ0P0J%2FxuHy%2Bl%2BCLvfopcoJyXlwiNS7%2FW6f4zgMYrpXo%2BTLj6s9BHBTYy5tuLI2KLneNZ4SQkMossgVvGBo27ocqE3yjU6q2kLM6pPEpX9E1tTPRx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8cbb89a-AMS
content-length: 6466

GET
H2 200 ico_grenadeEmpty.png
shellshock.io/img/ Frame BA6D 5 KB
5 KB 49ms
40ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_grenadeEmpty.png?v=1
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833512d7323dfa598388f61ca00aa0a907c744c80490337f17407313d49fd001

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4835
etag: "62731486-1340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B6qrGfKn1t%2BbUovnPVENBqFJ0V55U%2FQ1jHuUFQ3e3p7%2BockHgsAOgKP%2BO329EVExsqESj%2FOsyQNtfU3wdUn%2BEMqEAmyjnjMTHDYHglObal7ZssxS4Jpws77wxYSInJSp0BBF1ccjYwMqOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8cdb89a-AMS
content-length: 4928

GET
H2 200 hardBoiledEmpty.png
shellshock.io/img/ Frame BA6D 4 KB
5 KB 56ms
48ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/hardBoiledEmpty.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d021284a3c9a0aa722c49db61768a76df22a12772567e4debe0c2410a89fa9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4836
etag: "62731486-10f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5KueyWECsLmDiBPp0QZTn9M6EyZHnXvaTfww%2BtsJsqND96Xchwu6HxUkFiF4B8NoHB7XoP0gz%2Btbf9r8yjtZkGW8OX2FKVOcPuQhM%2Fp0fF6S%2FlnkY7LO6GwQVvDXwZt5jZjdg%2FZui8gMg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8d0b89a-AMS
content-length: 4344

GET
H2 200 hardBoiledFilled.png
shellshock.io/img/ Frame BA6D 4 KB
4 KB 52ms
44ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/hardBoiledFilled.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7a4d3334819d42546afef980db7d5fb63231ebe93969fad0f2d76ee9bc9951

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4835
etag: "62731486-100f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VE3dVt8G75ptuxllU98gVP0CvY3aGt9zxGpDLnZxNdzkUq%2BWFtL4IAICZnON7LJ8i%2FlvmtBUTiPOEL9pKjTgdK1yikMyutQa03nA9Y%2B41OIr8xYkezMgUIzavGB%2BuebCNFVyScJQo4PUWhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8d1b89a-AMS
content-length: 4111

GET
H2 200 ico_eggBreaker.png
shellshock.io/img/ Frame BA6D 32 KB
32 KB 56ms
48ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_eggBreaker.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7748c982c0a1b855637f9751d39be5e51194d6c635ffd17666929adbe2c6fa20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4835
etag: "62731485-7e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEmczeAlvarVogMR0YcGwgMbitlg4V%2BkFovuI0B0gUs8WUCR468GxlpOzT2MnFX%2FhDxriglfXuIJFxzdnYiWlmpfVmQnMlep%2FtjuV6OUK7m3R6Y%2BTWAtjLQK23BQa6HwPo%2FAv6d4pKEqxPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8d2b89a-AMS
content-length: 32260

GET
H2 200 spatulaIcon.png
shellshock.io/img/ Frame BA6D 19 KB
19 KB 52ms
44ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/spatulaIcon.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f47ecaa3aa4df505f824ac81a03f970675d8e39b38134187c5d1b5402af9cd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:28 GMT
server: cloudflare
age: 4835
etag: "6273148c-4bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guRG4nQuGLY1hvtLD2rqyzAxogsfP35xmUatcK0JOIoktULbIRCCJWqN%2BIhChqTj47RWB29V7uRNt%2BxMsnmRTM%2BFElKU4U%2Fm%2BI56JvR78D2pHv%2FfghZbhhIjeV%2F%2BPnxk%2BaolcJ6uK1ds16g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8d5b89a-AMS
content-length: 19392

GET
H2 200 egg_pack_small.png
shellshock.io/img/ Frame BA6D 31 KB
32 KB 53ms
45ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/egg_pack_small.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07d109d2618b2a12c1d5e2bace1a9d974b32bbd852a5f09fdf5f146a713ded4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4836
etag: "62731485-7d44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRjOgbgY%2BkL5P1RZPZtus%2B2HBwqpM9wIoUSatAc918LqYQLM1h4%2BNiNGAekscetpA7PFHqM0FuPA4eYfDogs8EuZkB9dm6PJjf62AoP1CzXqFVMdMkQUqCzxkhRPcO2XksbTX5BsScdJWzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76947e8d6b89a-AMS
content-length: 32068

GET
H2 200 ico_keyboard.svg
shellshock.io/img/ Frame BA6D 1 KB
611 B 54ms
46ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_keyboard.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9751aa51126a5018b63433052703ef3e228c5f713b34ef46cd3310c1f0d736

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-5a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft5CVvzPs4kzQ2Y8mVhnqdidLxgz2BjzBBUKwcGBLL6DVBwfcQxZ9eXThJ7KF2ZVrup50tZh3vN7W5bBPfAOEQn0iJz8Aqi9O5nPiuU1ftglQ5NKCHV96%2FWfzOHKDS2m0DXIXlrjKj7JRBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8d7b89a-AMS

GET
H2 200 ico_mouse.svg
shellshock.io/img/ Frame BA6D 723 B
888 B 58ms
51ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_mouse.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1ec3a17b70fd364702b74bc20cba6bc9f9ccdb89a87c75828f5bddf65f18d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4836
etag: W/"62731484-2d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6mvZaU4vcgXBpP75cK2wmOJG2f6qYt%2B67Vuzr8pZm006e48dReHPrHaMUDuP67nGPvAiKqaTE45rGrlNefjs9oLGyuKDOyWH8VcMmvgQpl7Z4x%2FvS%2FZTWVt%2Bp1EHKvZtRVBpMv%2FG%2FdBLeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8d8b89a-AMS

GET
H2 200 ico_gamepad.svg
shellshock.io/img/ Frame BA6D 2 KB
1 KB 53ms
46ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_gamepad.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0ddf66aa6bd54b388f0283cc65ba224d660af6f92525e47bb74a35813ab43e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1x4C%2F0jNLATmTDrH21Ok7rfxZfr0wLw5nc5rbBMGr8%2BwAskKJxQaPOeAD448jWSB%2BSfp3IcyYaX2lhte8NJvd1zmZez5YqNuvbYDLD%2FfevHI%2FwJTEzOrSgHfCXVaD0YOwUD5HCG%2F8TwQnv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76947e8dab89a-AMS

GET
H2 200 ico_monitor.svg
shellshock.io/img/ Frame BA6D 598 B
759 B 79ms
72ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_monitor.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe964bd56c9b38868eb7572a38984a4e358d96bdab15a87b6be1bfe4f2a9d43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-256"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx1M0rlqJ8sXIUsLI23pmZrwTf7Qjm47Qt9XSGWx%2Bf2rhSVqByBObo8Gca84wgS92xiUefSxAdRszEqWbfKUXUCNolDrbvRhnNoCBD2JenhvPMI%2FMES849Y%2B0qoCgv6dmzkZWr7Cm76JRmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769480915b89a-AMS

GET
H2 200 ico_speaker.svg
shellshock.io/img/ Frame BA6D 1 KB
1 KB 65ms
59ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_speaker.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b4fd36123c14417d71cbc5521b24e45cb4cd06069695f807a8e56f49c1f1379

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-57b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZLyLENVaNBvd9jr6%2FaA%2FUL8aQCu3JQFdx5HIGEXTl4wzThi3tqy8PTaMS28xoq2PHmuqfSFldVHytpNsefxvzR6nogruypZ44uuZLWlq513kP0avZl5MPpotDm683EZz%2FWdrgMe%2BlbK%2FOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769480916b89a-AMS

GET
H2 200 ico_privacy.svg
shellshock.io/img/ Frame BA6D 1 KB
1013 B 79ms
72ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_privacy.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cb52e9f970e689a29564b8727a93e10c31a723f707221a08e2bc343b450bc1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-4fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBqVB%2FygZapSEWz%2FF05pWIOpHpBJt3udZKI4NBcPXkEHK9K3QVp76n03Y1X%2B8w%2FrnkcUXp%2BaCCorhmIB0uoWwtozeT81GdOFH%2Bh%2FrW9X1li10FVSH8Y2urbX2aTPLKIhSR6eq6vSrgTmJyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769480919b89a-AMS

GET
H2 200 very-important-poultry.png
shellshock.io/img/vip-club/ Frame BA6D 4 KB
5 KB 68ms
61ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/very-important-poultry.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794e2e3d154a35b23045dc4a054775cff072da54289cc5d8f9ab9048c04bf939

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:31 GMT
server: cloudflare
age: 4835
etag: "6273148f-10ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=se1pcyuKVaWK%2BBD2%2Fzezb8LkS%2Fqi7NliI6ubosaHDFsuqd%2BP8EhqyPaSz3Oj7l7BFWkshkHNzugd0aWs163yXSfx4cpVXW1RM1yXxhPYEaePRhoj7gIl17OcLaBS4rINH4r3o8CGNSPtzfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948091ab89a-AMS
content-length: 4302

GET
H2 200 vip-club-popup-emblem.png
shellshock.io/img/vip-club/ Frame BA6D 12 KB
12 KB 80ms
73ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/vip-club/vip-club-popup-emblem.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b2e2c077d8eed77b8721414493cf1d515d2ab6167f29021fb7daf88f78471e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:31 GMT
server: cloudflare
age: 4835
etag: "6273148f-2e60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPTxInLnlTOonvkb3ym9B1oBMhh1AE58GSnKwI6NCOloGyIoKc7LmLDkusA%2BSiZBiigGs%2BUMEhzL6qF%2BiDhGbkSl0Uwy%2FMIhfxfEyCGkk%2FQKk2Hl68qdIVwCOXU%2F%2BqNPBiw25Nvf9fFqPao%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948091bb89a-AMS
content-length: 11872

GET
H2 200 rickroll.gif
shellshock.io/img/ Frame BA6D 2 MB
2 MB 78ms
72ms Image
image/gif 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/rickroll.gif
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ab144efb12def335355d06e7da59e797903ff70478f61102b4f7c41ca49f9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:26 GMT
server: cloudflare
age: 4861
etag: "6273148a-22b59d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8bN5FFHRAYUJmms78nVAV1x9axQkwXXyCX%2BdtHSLTpUINxb6IWaW7fRSm759eleDNSu4eUnrsGklBZ6rQRsTseHYgPKlOd3qs3B9zwaSfSYQSStQ6n%2BPpX6FDaVkC%2Fw3tFUKVAgicnWupQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948091cb89a-AMS
content-length: 2274717

GET
H2 200 eggOrg_timeTravel_splash800x600-min.png
shellshock.io/img/egg-org/ Frame BA6D 215 KB
215 KB 68ms
62ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/egg-org/eggOrg_timeTravel_splash800x600-min.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a9064f74f737966bf0fb51493c888362ecd57089e100798b6c6f3f6ac5e3873

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4835
etag: "62731485-35bb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf6TAPWx4IsTkR4o3PKAH1uy5mID0%2BIfJdN80uNxru0ovFKPuffF3M0XdblwAtWsWLVQb%2Bf1EUEflEKqefRwpB6KqsHOJsVr7lJ7ER9tNfFPfWstF6fV9xDXf323YA1nWf6AsnxdmVMBsp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948091fb89a-AMS
content-length: 220085

GET
H2 200 Egg00.svg
shellshock.io/img/incentivized-mini-game/svg/ Frame BA6D 2 KB
1 KB 80ms
74ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/incentivized-mini-game/svg/Egg00.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d8a41675755d939804e3e363decdb7277191065873eee7ffaae995d9bd0e96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-7d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIbOTGacKk4E0hxVC3CXHjD%2FZZrksP8rKAS5HxTAYOzqWmb97h5hYX96h8NhSB6iu6uwuXaN5CW1fWCOb%2BB7%2BnPR93V%2BNaN2OMvedOMkpKP3L1%2FHKpeJOqRKwwlmM6eNNze84qDTyUUkA%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769480920b89a-AMS

GET
H2 200 favicon192.png
shellshock.io/ Frame BA6D 15 KB
15 KB 77ms
71ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/favicon192.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6be857b91742850113f3609e1c7b445f52b2eefad82f51a45eee5f29e159381

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:21 GMT
server: cloudflare
age: 4835
etag: "62731485-3bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1ijuBtHgetCEe%2F%2FqHu2NjnAEAtifeqnky%2FM7kD5ZOqYo8%2Bpn0c8fsgoNTA6X3AtwwejYeLko4waKohiE2qUgB7LtHE02Kpl9DnJBJqVtTdNx2s7hEDtGxnalRtFfp4l1GjA8hB45zLLx1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769480921b89a-AMS
content-length: 15352

GET
H2 200 shellshockers-unite-lg.png
shellshock.io/img/ Frame BA6D 564 KB
565 KB 78ms
73ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/shellshockers-unite-lg.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c21c94b172942d124a1633b6410fc7c946878918276cf0d9dcb313e964ec477

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:26 GMT
server: cloudflare
age: 4861
etag: "6273148a-8d045"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eni1Yr06u9idnnbv0qRyBPDiEEFHjILiFf6JQLD611i8VxpPFbbkDmLzzanDM0snUrWndfwRRP8fAvphvwtWp5thfqM%2BR3ylu9q9hHeNabZt2cWOR5fI0z41ZXjaP3x%2FsflZ3erP4K1JAws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769480922b89a-AMS
content-length: 577605

GET
H2 200 shell-mobile-popup-bg-qr.png
shellshock.io/img/mobile/ Frame BA6D 209 KB
210 KB 74ms
68ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/mobile/shell-mobile-popup-bg-qr.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da8f037b239fcfe6532afc5b1715fd2bbd8258133c16913e7534e95033a75ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:23 GMT
server: cloudflare
age: 4835
etag: "62731487-3458f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7bT8YeIo5srHfLVpPxT0xvcJUr%2FZU7etLQx3IJHu2icCoqbk8c1uRpqSwjBkB7W3GC%2BMRFyVO%2FjkaHHjzHOWLuaeIuzsuO5AvSCT2pe7duh4bhqbDI%2B4HYu7GqZ5LcaEY%2B%2FtPKZSpqW9rI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769480924b89a-AMS
content-length: 214415

GET
H2 200 kotc-wordmark.svg
shellshock.io/img/kotc/ Frame BA6D 42 KB
15 KB 78ms
74ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-wordmark.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e20387329d37cd605e35c3513e9025cc8a029c24321b1f2946837bb101c2654

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-a802"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilnxJYOqws36oW8Fd6RlkQ0jvO2M%2Bbc5g3yQ7z0NGJxDZXyy3ZDGxJSLsBmSwozGPyvfaU4vGVBr%2F27828nJz0H%2BTsU15Ykq50O7TfulyX3TgwTVj2%2B69HZQQTzxizYD215MUSXAyZtrgjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769480925b89a-AMS

GET
H2 200 kotc-arrow.svg
shellshock.io/img/kotc/ Frame BA6D 2 KB
1 KB 79ms
75ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-arrow.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a928b4ea4c4e420dfd86e2c1c03608f6ecd18e5ce7c495d3d44e5228db3b19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-89b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67TrcrYL50rxqN1VJGnMrFRHg3ZtetunpNjeQhLzk7Ns2FpKRtVGEjA8UyUqwX9uTfs5lSrZoKCPoK1%2Bj2Og5Iu4726bwdK9mWrTOBbW5vZA2ciAi8w%2FNapOdsUMsz3DJ3Z4WNc4nij6JoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769480927b89a-AMS

GET
H2 200 kotc-rooster.svg
shellshock.io/img/kotc/ Frame BA6D 36 KB
16 KB 78ms
74ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-rooster.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da93c421ca12d7c35660be31634b957c0985b922d6922ab8c85ce9382e0a885

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4835
etag: W/"62731484-9183"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOBV4eTJx3wvwh%2FrocRKCddPKzcFEm%2F%2BrsZpoIhHg1tbvHHSmg9vdV3n%2Bh2suy39Fp4Ew4Tr38cpsWoBAkkjTYKzOSFSmYVotFaF%2BxS%2FpNuFuPzAKlP9Xm5QoAkyI8fis32vNf6Vz2bTpp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769480929b89a-AMS

GET
H2 200 kotc-crown.svg
shellshock.io/img/kotc/ Frame BA6D 759 B
746 B 76ms
73ms Image
image/svg+xml 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/kotc/kotc-crown.svg
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0746d96fa606597d2e7152e2df6f261b4792fa59239a78bb15782779b66ebe9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
age: 4836
etag: W/"62731484-2f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FkXyc1oIBU8MSrIVmNQOcG9B6JGpN2%2BYaKhiLA0pR8KIiKtN1p1qe%2FUfZu3NSn1SeishxZheSNvaOQQfgaN2F2QR6ev88yuOfANzRHCZlGRMdscUd1JbSlOLKj37dNm2VcVySOFdjq0NVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76948092ab89a-AMS

GET
H2 200 scavenger-800x600.png
shellshock.io/img/ Frame BA6D 203 KB
204 KB 76ms
73ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/scavenger-800x600.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2205593272633bfa6b25210a30b78e85a535f08ae47133968b9b53d4dd0af6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 25 Aug 2022 22:27:28 GMT
server: cloudflare
age: 4835
etag: "6307f750-32c30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caKykiA8FvMed%2BRC5deqEV%2F11y8eHOewsvrI%2FmRwYh4pCd1SbEEQLSZVr%2BK4PMeRIcb8v%2FnBiUMJJi5o%2FoG%2F3WSQ93nIgCUmB4d0DQPSWyud0P2iUEJcCtCf675m6aC3X%2B4qmJXKWWmfdT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948092bb89a-AMS
content-length: 207920

GET
H2 200 ico_nav_shop.png
shellshock.io/img/ Frame BA6D 687 B
986 B 38ms
37ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_nav_shop.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2afdcb7f2c62411bbe83d5dbafecf12ab1d9d0898f9b09080fbb2b1afcde4996

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4810
etag: "62731486-2af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxlz7e184FotZ25yxoHzi7%2BxMQ5hUdw8fJ2ljvrdEqko6su8H4gTHU8%2BxjOK41vd7MIZ1Hmo0BscUZsUaB2A7aiqJ4wu7sE%2FuOYHybqyUZXPqPuEaU22xh2%2FtZTo1wkySEdS6vmCefmTkok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948bad1b89a-AMS
content-length: 687

GET
H2 200 ico_nav_settings.png
shellshock.io/img/ Frame BA6D 897 B
1 KB 35ms
34ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_nav_settings.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f552c5f6fcd910d7280d3a6e7261e2ff52092fbc416f7ca33610e2f9664b653

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4811
etag: "62731486-381"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSxu1DJNKNydxfO2jrpjtar77mrjbnfLSIp2scyDO5sth0Oes97QfCCLpCcApUZwWRRkTauA9HN0KhaR0hQs3w1AUuBFTWoqFnu2m46ZyYqS%2BqVto6AbUCgG8pZUyhQLfm4pX%2FFko2BihbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948bad3b89a-AMS
content-length: 897

GET
H2 200 ico_nav_fullscreen.png
shellshock.io/img/ Frame BA6D 357 B
674 B 36ms
35ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/ico_nav_fullscreen.png
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d6472a76c94c4fdcbc5d92ed303749e48123f4873b4a6cee51c60204716803

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 00:04:22 GMT
server: cloudflare
age: 4811
etag: "62731486-165"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIu7eJeUprzR9buYxyVuximBLRojLrxTjdMWsvKTNM61H8Ur%2FWJGi%2B%2F%2Be9ZatNXiNn012sPqYk88w4Ys3Iz14%2BfJ7N6e2raZXC4K%2FIjSTILP6Nd%2B2L3M%2B0aNm7mXG%2Bhi63kafGivXyvqWM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948bad6b89a-AMS
content-length: 357

GET
H2 200 stamps.png
shellshock.io/img/ Frame BA6D 3 MB
3 MB 44ms
44ms Image
image/png 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shellshock.io/img/stamps.png?v=0.42.18
Requested by: Host: shellshock.io
URL: https://shellshock.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fe7e4aac4eb940fd301c6d3e406e1d20393303a2325796e955df5668fc483a

Request headers

Referer: https://shellshock.io/
Origin: https://shellshock.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 19:15:44 GMT
server: cloudflare
age: 3717
etag: "630d1060-37e5c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FbmKWh%2F14afOHblXZLHZKhz73Yz0u4HajeeKPeEuXDMLb77dWqaI9aRjZQ4dlqZB%2FigGInpWlpCkv4bTLoY783RRUeC%2BP3MF2rOk%2B1nQD1c3FWLZAbDGOzAUv9hLaepgcbgM4DJoy4Kmew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a76948badab89a-AMS
content-length: 3663296

GET
H3 200 446896919250308 Show response
connect.facebook.net/signals/config/ Frame BA6D 293 KB
84 KB 35ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/446896919250308?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2fb7dfc486ca9dc61d1b6bba5a3838bf49c0cb476aa8ebd3f91ed6764975e2d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86315
x-xss-protection: 0
pragma: public
x-fb-debug: rDxd+e0Bldq/SpEAd1BvkX+rAUmCAzapfbETYssg2BFP30mTTwPF+OxK+RDc6yDeCpSrJUDXsuLYAndn+4BSMg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:29:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame BA6D 44 B
297 B 106ms
35ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=771186996377132&ev=PageView&dl=https%3A%2F%2Fshellshock.io%2F&rl=https%3A%2F%2Fshell-shockers.co%2F&if=true&ts=1663140563408&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&it=1663140562233&coo=false&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 07:29:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame BA6D 4 B
440 B 118ms
47ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105800112-1&cid=895818811.1663140563&jid=495513622&gjid=2075010868&_gid=1725351769.1663140563&_u=IEBAAEAAAAAAAC~&z=1430211686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 07:29:23 GMT
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame D85D 4 KB
636 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:17:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:23 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D85D 205 B
229 B 61ms
61ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 03:26:17 GMT
x-content-type-options: nosniff
age: 14586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Sep 2023 03:26:17 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D85D 604 B
628 B 62ms
61ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 04:20:03 GMT
x-content-type-options: nosniff
age: 11360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Sep 2023 04:20:03 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame D85D 19 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8199
x-xss-protection: 0
server: cafe
etag: 4999025364649203088
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:22:01 GMT

GET
H3 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame FCA5 10 KB
4 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 15:06:41 GMT

GET
H3 200 02632b5986d153635495a6e5331c83d6.js Show response
www.gstatic.com/mysidia/ Frame FCA5 10 KB
4 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/02632b5986d153635495a6e5331c83d6.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c76f9b25bafc531d4218b90bd300b95cc09216ef4e28b181b190d347e4dd1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4445
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 15:06:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FCA5 8 KB
893 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:15:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame FCA5 2 KB
902 B 35ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame FCA5 23 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:24:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame FCA5 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 06:48:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame FCA5 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:24:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCA5 142 KB
44 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 07:29:23 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame FCA5 33 KB
13 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:07:33 GMT

GET
DATA 200
OK truncated
/ Frame 2A3C 83 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e856f0a3b4b2fcaed2bfd758bc753c8867846db5c8f667ff55ce1bb273b3c0e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 2A3C 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d57ce7a1a3c7ea61cf89aad0eecc60e7b9ab674591fcb828c91972f0682b58f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2A3C 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1e6765f526b661dacbc56128b424a3e92602299dc151c714aa72d3a913cac02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ Frame BA6D 0
345 B 102ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-79NWRZXYCB&gtm=2oe9c0&_p=2085741407&_gaz=1&cid=895818811.1663140563&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663140563&sct=1&seg=0&dl=https%3A%2F%2Fshellshock.io%2F&dr=https%3A%2F%2Fshell-shockers.co%2F&dt=Shell%20Shockers%20%7C%20geometry.monster&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79NWRZXYCB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ Frame BA6D 0
17 B 104ms
36ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-79NWRZXYCB&cid=895818811.1663140563&gtm=2oe9c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79NWRZXYCB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ Frame BA6D 42 B
501 B 170ms
66ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-79NWRZXYCB&cid=895818811.1663140563&gtm=2oe9c0&aip=1&z=363581515

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4792 28 KB
28 KB 61ms
61ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 600279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 08:44:44 GMT

GET
H2 200 modules.448392d04fd1e15c100a.js Show response
script.hotjar.com/ Frame BA6D 251 KB
65 KB 121ms
42ms Script
application/javascript 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.448392d04fd1e15c100a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1519513.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-6.fra6.r.cloudfront.net

Software

Resource Hash

f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 592276
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65486
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
etag: "dda0289b22368ab84a40f8dab68ddb9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: n0yeuarspwE8Z9AwxqP72UGdDJPuuyE1eAptrJ-aUK0w6EcMsr1ooA==

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/662950613/ Frame BA6D 2 KB
1 KB 131ms
57ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/662950613/?random=1663140563678&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fshellshock.io%2F&ref=https%3A%2F%2Fshell-shockers.co%2F&tiba=Shell%20Shockers%20%7C%20geometry.monster&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a6762c54113b3fcd3c25e711460d4904e9a20a0c6a302895f75fb958753654f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CA0 36 KB
16 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16022
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 05:38:16 GMT

GET
H3 200 FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js Show response
pagead2.googlesyndication.com/bg/ Frame F138 36 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=600&slotname=5233886905&adk=3253435140&adf=779800344&pi=t.ma~as.5233886905&w=160&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560763&bpp=1&bdt=565&idt=276&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1435&ady=475&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mDnzpqWhIC&p=https%3A//shell-shockers.co&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16022
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 05:38:16 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ Frame BA6D 42 B
272 B 151ms
59ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105800112-1&cid=895818811.1663140563&jid=495513622&_u=IEBAAEAAAAAAAC~&z=1698380439

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ Frame BA6D 42 B
107 B 102ms
66ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105800112-1&cid=895818811.1663140563&jid=495513622&_u=IEBAAEAAAAAAAC~&z=1698380439

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C14A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:23 GMT
expires: Wed, 14 Sep 2022 07:29:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame C5FD 17 KB
7 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:24:46 GMT

GET
H2 200 sounds.webm Show response
shellshock.io/sound/ Frame BA6D 2 MB
2 MB 45ms
45ms XHR
video/webm 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/sound/sounds.webm?0.42.18
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd384d5fc77aa0e9b309573f7c5bcb7b557eaa398a19ab6440abc6085a45abd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
cf-cache-status: HIT
last-modified: Thu, 25 Aug 2022 22:27:28 GMT
server: cloudflare
age: 4860
etag: "6307f750-21f6a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqVDFhPT1VX9LHai5mYv%2FIG9ADno9OWRDrkNTpnZ5vtvrk3H5pIqg7RiroPyPNgWYA9X%2FJgxUWje58l9HipEvwagy6hTxVeIVy60l1fGSMYh6Buj49VW0YK%2FDFRrntIa01eZnzkCNI7icW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a7694b8877b89a-AMS
content-length: 2225830

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E20D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
54ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4658181883112071&output=html&h=280&slotname=2589404083&adk=1816309423&adf=2596807228&pi=t.ma~as.2589404083&w=1000&fwrn=4&fwrnh=100&lmt=1663140561&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fshell-shockers.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663140560764&bpp=2&bdt=566&idt=280&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C160x600%2C160x600&nras=1&correlator=5820490533469&frm=20&pv=1&ga_vid=648878179.1663140561&ga_sid=1663140561&ga_hid=806162299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C21065724&oid=2&pvsid=1068973143116937&tmod=246078357&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=C28l4YR4Np&p=https%3A//shell-shockers.co&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:23 GMT
expires: Wed, 14 Sep 2022 07:29:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 95CE 2 KB
1 KB 121ms
33ms Document
text/html 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1519513.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-62.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://shellshock.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 598336
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-id: nZdGKv3ru87VCth0bfFAAZygDQKcZwpm55md-5OKWNZcj81GLVQwEA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 css
fonts.googleapis.com/ Frame 7EF5 8 KB
893 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:14:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:29:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 7EF5 2 KB
902 B 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:21:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 7EF5 23 KB
9 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 8244505166375133744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:24:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 7EF5 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 06:48:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 7EF5 17 KB
7 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 07:24:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EF5 142 KB
44 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 07:29:23 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 7EF5 33 KB
13 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:07:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FCA5 0
0 83ms
79ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_Dda0YIhY5beB4CI9fgP0uOU6Af7vsiUbMKSocyfD6Dpu8H0ChABII-q_SVgkYSghYwYoAHbtY_GKMgBAagDAcgDwwSqBM8BT9AeSRv3CEGgcNo0ylk69GQ3fINn2VKRHIRbLnTXDh5CdtJLkNiJT1iq6gH3VYUScEBRUykUcTp-6CVnHU0JaJl4Fw9x4uB_lwhgHtAJ6uE9iiAEcmgVY2g2VVgHf71xL71T67vR8bbMUGIJZqhhEJ1yhvd_HhNxSohAKUjjVtvodPe5GFdZ34ecOZTz43hrVD_Z5Sathg4U1TUUDw_WVcVYpHAuj1obSsyUvmDDEuou2YN66SCQCUJRkTp0tza7wloaz3hjMYs3t4vfFUCswATg3976jwSSBQQIBBgBkgUECAUYBKAGZoAH2-3fpQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDxvR7SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUDdAVAYAXAbIXHAoaCAASFHB1Yi00NjU4MTgxODgzMTEyMDcxGAA&sigh=v480h-0rpbY&uach_m=[UACH]&cid=CAQSGwCsnQUx33QLKPbkYlKjL7M3sZHIpfQuGb_1DhgBIA4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Sep 2022 07:29:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1CDC 143 B
163 B 39ms
32ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FCA5 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34b26411b24e4add9f34c56b65d0c95ee76341b61b2174738da5e26c858f0bc6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ Frame BA6D 44 B
91 B 72ms
35ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=446896919250308&ev=PageView&dl=https%3A%2F%2Fshellshock.io%2F&rl=https%3A%2F%2Fshell-shockers.co%2F&if=true&ts=1663140564368&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222582973591989166%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22912958489079654%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&it=1663140562233&coo=false&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:29:24 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame BA6D 44 B
88 B 72ms
35ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=771186996377132&ev=Microdata&dl=https%3A%2F%2Fshellshock.io%2F&rl=https%3A%2F%2Fshell-shockers.co%2F&if=true&ts=1663140564369&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shell%20Shockers%20%7C%20geometry.monster%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.shellshock.io%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%3Awidth%22%3A%221000%22%2C%22og%3Aimage%3Aheight%22%3A%22500%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%2C%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%5D%2C%22og%3Atitle%22%3A%22Shell%20Shockers%20%7C%20by%20Blue%20Wizard%20Digital%22%2C%22og%3Adescription%22%3A%22The%20OFFICIAL%20home%20of%20Shell%20Shockers%2C%20the%20world%27s%20most%20advanced%20egg-based%20multiplayer%20shooter!%20It%27s%20like%20your%20favorite%20battlefield%20game%2C%20but...with%20eggs.%20URL%20Blocked%3F%20Try%20geometry.monster%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&it=1663140562233&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:29:24 GMT

GET
H3 200 FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A3C 36 KB
16 KB 41ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16022
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 05:38:16 GMT

GET
H3

200

/
www.google.nl/pagead/1p-conversion/662950613/ Frame BA6D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.nl/pagead/1p-conversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

121ms
52ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fshellshock.io%2F&ref=https%3A%2F%2Fshell-shockers.co%2F&tiba=Shell%20Shockers%20%7C%20geometry.monster&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=04IhY7rgL9qF9fgPqr-T-Ac&cid=CAQSKQCsnQUxQQUQ0PmH2YN8lsqwCjG-tmFmuC7K2XGwlgJYn1WV24FC6YS3&eitems=ChAI8PeFmQYQju_No6WFiPRTEh0AYyfw4YOU3rlHJ9XsbZ-zFjEuKRbAvTa621D5og&random=1194304528&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.nl/pagead/1p-conversion/662950613/?random=214093516&cv=9&fst=1663140563678&num=1&value=0&label=u82gCJTLqdcBENWlj7wC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fshellshock.io%2F&ref=https%3A%2F%2Fshell-shockers.co%2F&tiba=Shell%20Shockers%20%7C%20geometry.monster&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=04IhY7rgL9qF9fgPqr-T-Ac&cid=CAQSKQCsnQUxQQUQ0PmH2YN8lsqwCjG-tmFmuC7K2XGwlgJYn1WV24FC6YS3&eitems=ChAI8PeFmQYQju_No6WFiPRTEh0AYyfw4YOU3rlHJ9XsbZ-zFjEuKRbAvTa621D5og&random=1194304528&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C5FD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d0fd11ae868cbd325785519cb46310a8205a7236aa6c953ba40235e58703d6e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C7A 143 B
163 B 33ms
32ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A3BE 42 B
64 B 218ms
94ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskMvx2VUKcqPZrGHyrpaikLXIZAlnHxqOAoCRcF8TMWq_FvbvuK-yGHfsVAwGfb1RJfufJrSuVzIbXHy1Na2DtR9kTMm1Hs_y3o7rxvnAalRpRDLMrNzLYsetdy6f5R9UBX0kaxw&sai=AMfl-YTEVTgg5gOsHPjUHOfbu0OvNFya1mJRCogTCSp7aNMnBgDGFKLCJkdUB6QXlYxG3HHj7-YGQVc_Pvxc&sig=Cg0ArKJSzPT8fqxMzWs2EAE&id=lidar2&mcvt=1051&p=0,0,600,160&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3253435140&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663140561042&rpt=2430&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F13A 42 B
64 B 219ms
96ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-iu86d9kXChRZmvqwB-ziT_EQgQsXhfBRBmiZANFWcvJ0_NDgZETlylwEjITo8T64V3cSv6Dyiuf4gGUw8iALwxzU0dKZv3lQ15xbtVIhN8eOYdRkYrYn2XZl9ENlLHx7_Gh85FENJzCgYfLSLusUFqU0KKM_TP38Wk7zwN5RAWBYKXXd9LnxMcyMBvBtG16IyiS0Xx824Vdg9Z_J9Z08hU1S2MfKJxb1z-jbBFnlB8N51gt5wmhB7ghYVBw2kChaznoWbXzXBN_bkHhFVR-eZH4Zkml_eSBVGqjZrOcPtbym_2AJ2YxBVuQOoRhtrdzg5Mo7QSyyFia-mDOYHoscEJz-tF3pwu-Be7KCyMiiTQ5X1-grqzR7vaCDZ8DXt-goxiplcE-FwkS_KgjVUhnRM_QH5VHQOC4FZhCmvPQj1JcvYi8FVHzE-fduBsUreKRSldtFZAJdx8YYri3nn8b3VfFMtpSUAAEFqYHaeqcDli-uIDBDxt_a9u6gKjG1jvzRgAHQQx8r560uJfnv3VkLYpX6KDveqS7sEQOo1m53BnRUuMfu-VHoesIWcOkmIySAlt4mMw5YcasOKqlOM0G7GXqVHspGYTIJ4f5CbZBCnKb0W_xUGPJ8oi3GLR5gPHjPr7pyLvpuZ2CxrE2uiD90tmg5NoDrNED_O-PNjyKIe3j8c1detUqq0sU78Yxq9oZOXYvDw1Nkk3jpAmo-IWBwWrH8TbUM5_PBgokXP6S8PjuZbsXX5EbWZJMT60BjGjmsnt9qSMUNSxfr0iEqHffFqUyC9pxJ-XniVnyNo-tiJAS8SQw4lQtSE6FmVCNuw86lgISDhpXIewqKj51VPgUfHmRvh57kJYY7U_VkVqZSrbNE-ERMh5iX7GmGDEGqn4Gtge3rrRPji2APWlMWBkqVnN0DIT0qmwQaYdtrGu-CvgW3OK1MURdeYjv1cAzKcYF5G2sj1ordvF-2-dXZLVk&sai=AMfl-YTAeXcCYsJVDscQd_6XLmGWo4kRL4wu0pwddjMu6ng-9k04IP5Wx7KYKwgbUAam0W9fDULxVRH6gEftmQmYYO3fwBf7eXUbsA&sig=Cg0ArKJSzK5mfWQbpITHEAE&id=lidar2&mcvt=1054&p=0,0,280,1200&mtos=1054,1054,1054,1054,1054&tos=1054,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3387905186&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663140561028&rpt=2412&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1CDC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:24 GMT
expires: Wed, 14 Sep 2022 07:29:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js Show response
pagead2.googlesyndication.com/bg/ Frame 44B1 36 KB
16 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16022
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 05:38:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4792 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgodCAEqGWJhbm5lci1sYXJnZS1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAKD260AwBAoNEBUhAAAAAAAALkAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAAAzczSqkAwBAoNEDIhAAAAADgz0z8wBAoNEDMhAAAAAJqZ8T8wBAoNEDQhAAAAAJqZ8T8wBAoNEDUhAAAAAJqZ8T8wBAoNEDYhAAAAAAAAREAwBAoNEDchAAAAAJqZ8T8wBAoNEDghAAAAcGYmREAwBAoNEDkhAAAAZ2YmjEAwBAoNEDohAAAAAABIjEAwBAoNEDshAAAAAABomUAwBAoNEDwhAAAAAABomUAwBAoNED0hAAAAmplpmUAwBAoNED4hAAAAAADSqkAwBAoNED8hAABAMzPSqkAwBAoNEEAhAAAAzczaqkAwBBIaQ09uNjdiTGhrX29DRll5YWhRb2RyU3dINkEiFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C7A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:24 GMT
expires: Wed, 14 Sep 2022 07:29:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js Show response
pagead2.googlesyndication.com/bg/ Frame BF1E 36 KB
16 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js

Requested by

Host: shell-shockers.co
URL: https://shell-shockers.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16022
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 05:38:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C5FD 42 B
64 B 96ms
95ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfMWWVRzR-dlTfzi6LkhRojfZmuYaTAnLvdtu-7n8_KpUlIyb7p6XCJtL7RaNSBCaqAydjhdoaOJrkQA85hu7LBsVwqcOe1RDMijhbsnnbDbctUj2WdIPO9XGyuGvWgDTVhS_qng&sai=AMfl-YRC51YQPH3_B2oCsBi7wodyYLgzuYyLzN3bKPcYyhY-5ZBRbIwRTSSBqU6cdiAmW5Y2YqZiEhxeZYZb&sig=Cg0ArKJSzI_DWc2TofaAEAE&id=lidar2&mcvt=1076&p=0,0,600,160&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3253435140&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663140561037&rpt=2551&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 egg.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
472 B 136ms
133ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/egg.babylon.manifest?1663140564791
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90de363aefd8ac0ddd563d9ccee20d90f9688a55018983ade628f90d942d183

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Aug 2022 19:15:45 GMT
server: cloudflare
etag: "630d1061-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiTxx%2FEP%2Bgb1%2F0ws0kZ%2FvCetwIjJ%2BXu1V%2F2l6Z4ocuGclE%2BzVZTpMGR%2Bb5hmsFPFxG5GWfGb5VhA31VJSY8M1VpHUkP%2BfD7NNPo3DVzHquEICWzjgR3CsvdsDf4DMoOV1rnrrCmVddPJeFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d16b89a-AMS
content-length: 89

GET
H2 200 gun_eggk47.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
407 B 446ms
443ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_eggk47.babylon.manifest?1663140564791
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c479fb067ff01f64c12e5e19b352db346f8659f03f79128b5a29f85b3068e6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: "62e9a120-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxRCpJfCLIsZXouQRsemre1%2BEUrJ%2FPlrUGotzcgFGNfltZl8HpWCRQPYU9XqpL2qbW4PFxlnSQbrnHP6fYQdXWvoduidsxF614eIia21QSvRInQX5GHwjFCDotbeaYhyzsbt4rLMHVAGBho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d23b89a-AMS
content-length: 89

GET
H2 200 gun_csg1.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
365 B 589ms
586ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_csg1.babylon.manifest?1663140564791
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d6a78a4531ac47581f3e49ecee187155bd120a624552674fbd1472d615d14b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: "62e9a120-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHN895pPD7jukegnJO3y7BlO41UK2tYMqxuBwoerwlZUM24TMJA5MvCeRPXfRVLie%2B6P4GQfv3I9WucEScgnIp0uPh1LC3Pnq5uoh6fDcI1lURlQWpLZP3RGfMFh80HB25%2BB9kGk16zb8bI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d24b89a-AMS
content-length: 89

GET
H2 200 gun_cluck9mm.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
369 B 153ms
150ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_cluck9mm.babylon.manifest?1663140564791
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1840cc4013e6e510048ff065835a6a6effca6cf98880ff8a12211d25d44ede1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Aug 2022 19:15:45 GMT
server: cloudflare
etag: "630d1061-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bme3hfV9FpARj5C6%2BdIM8RoiUF0Z9qgeimdvoke0V%2FtT2lqCuRGLCzEWXOe%2FRTQgp95yQcw%2F9hgXoKf2yOyfb1y9iHUuuQKksAfJp8VnguI9EhkCg8WeESY8xJxLsd1Z%2FagTJ0D6YhxQYZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d26b89a-AMS
content-length: 89

GET
H2 200 gun_dozenGauge.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
474 B 139ms
136ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_dozenGauge.babylon.manifest?1663140564792
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e53fa0a5847025ead4e17e5ad7d3a8609b797eff520a5ce6c78f43175267a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: "62e9a120-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA1Hzj7vKtipNX2ggTgCKqXexqHJfHOiCC9usOn8lQs%2FIr9%2B3KWorcd3phRYRZyfuNqyl%2BO4OWX6JSD4F9xtSU7JHsOqzoAnFrVdKLYWsYdFmMh4IiPmoX3Z5jyV3mn1XAneAHiN2f2UkX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d27b89a-AMS
content-length: 89

GET
H2 200 gun_rpegg.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
374 B 141ms
139ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_rpegg.babylon.manifest?1663140564792
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a26c10fe0fa7c56bf89669f54edfc963b58e33ba29e14933ce5070135061e87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Aug 2022 22:27:28 GMT
server: cloudflare
etag: "6307f750-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j5BqNNHAViDou%2BajDQWbg9NnhpKRnFuOoF0Nqh7mv%2FmF6ZC%2BRsfvueNN5JaMSpwm5ZPl6TLBjcvaAUIYO8CYRrmsZ35OWtEjVSo2ckd9Um%2B5zkubzEPUU3fNgzXjSu972tZp2eZZLViPNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d29b89a-AMS
content-length: 89

GET
H2 200 gun_smg.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
370 B 143ms
141ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_smg.babylon.manifest?1663140564792
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f8477fe92effe6ca4823aea15b1de9f2a4b2825ce586d90722b57faa52575c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: "62e9a120-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbRecFEAVBqE6LM55azRhEYnCQrFUfhn3%2FD8tP399WBtdMPFJ%2BnLzKYT%2FuKRy8Phn7kuPx%2Bit4HmXSToD37YDq52CC1O%2FrRz3XIWaGWRu1tT3gquacIhjjjcJEchtsM1qhgtHxZcPdON9Q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d2ab89a-AMS
content-length: 89

GET
H2 200 gun_m24.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
378 B 140ms
138ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_m24.babylon.manifest?1663140564792
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b71d7e6515f283419371fb5fedf5ba320fe9872e1cf252d6cc3f5c2250547a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Aug 2022 22:27:28 GMT
server: cloudflare
etag: "6307f750-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsXPhwoOZZM1q0Me49425LsYG6DPTa737qX75YpGlw2eWbRhfrf8kwQPhyB5Rqdz3vU%2FZodUGfot7ZYKPcUlb3H4qJlHDcTR3Ln2%2BXVe3RMs5tkVrfzpkHHs6bU8uolpQUmwkSSjQjBb10I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d2bb89a-AMS
content-length: 89

GET
H2 200 gun_aug.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
372 B 139ms
137ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_aug.babylon.manifest?1663140564792
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f3cbce56f507ba8d1a3f37b53e6f7d628545234b7b5eab9a050600fb21a6628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: "62e9a120-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEAjxj%2BNl8iF1hlQ1T0mnjDYliv5o2FmL%2BvPNJoahX074SJX8Lby0GFfPDeot%2B3SYGR4TMWDnE5lQF4JQKajPggeQKUrjgpo3estsSaGfnN%2BOVQ%2Bks%2BC5%2FhKI24a2FkdNPElAxAQuAxWxP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d2cb89a-AMS
content-length: 89

GET
H2 200 munitions.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
369 B 141ms
139ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/munitions.babylon.manifest?1663140564793
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59125423d7890922ac1c6c36c665d9e7f77ff8fe213a4395a201d3ae5fd24058

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Aug 2022 19:15:45 GMT
server: cloudflare
etag: "630d1061-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GPveXOeLPP1vvPhc7bqF6%2BkP5S74VVQSC%2FD5vfhIDSoAAL2SUeFv8gvRcuZ8JFKvf3NsvzEyj%2FAf0uVTpLQYeeFes%2BofuQnaK8QdeAjI3s2fzMtTihUNm87AFAiWrdcg%2F6CAeA5m1kTygU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769521d2db89a-AMS
content-length: 89

GET
H2 200 muzzleFlash.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 80 B
446 B 168ms
167ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/muzzleFlash.babylon.manifest?1663140564793
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90792953bb57a85dfaaa6f6f736b3a111d03288d5928f77a546264258d02a0f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
etag: "62731484-50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaeSVRVYtnnijenPpYlipML2JTzYfaGsfqmkrlCp86Gbp2WJzURQTxGeJXMn3%2Bxx6%2FVU2NvEkHRaNQqN98j2njSdpaChtAYgUX5n%2FTEEkzsRpu2PntfH2cnD53lY51nxGIju%2B1x%2F%2FL%2Br3pA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769523d6cb89a-AMS
content-length: 80

GET
H2 200 items.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 89 B
404 B 160ms
159ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/items.babylon.manifest?1663140564793
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd174f1c6dd7184fbd801146d2b8d082905bcd936b48a6b82a3089e341092179

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
etag: "62731484-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIKyS02v90r6rJNZfL79PRg6rZLihbWnlkvJOYh5OJ9BuZmUrJM1Ag8HY9T%2BSSKxyEeqrRGDjEJXkiR3Jujlen4u%2FJVXMETSGLKrhYaZyebjZQ3mN3w%2F9iPYLOaD65sOWPh1GwdAUk1UXeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769523d70b89a-AMS
content-length: 89

GET
H2 200 reticle.babylon.manifest Show response
shellshock.io/models/ Frame BA6D 80 B
359 B 172ms
171ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/reticle.babylon.manifest?1663140564793
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90792953bb57a85dfaaa6f6f736b3a111d03288d5928f77a546264258d02a0f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
etag: "62731484-50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxbHJQRFARCQAuFZDjLpr3YHJObtBsaE9jxCSkzTfL0CUEwikmk0IuE2%2FfeaozWyBx9YnFtuzuONCMXKnuTqJ963QQUQXhz8KXlZT%2F607o49I9As3MYNdKfEwBQUOdKwFzwanX0wW1VO8Rc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a769523d73b89a-AMS
content-length: 80

GET
H3 200 /
www.facebook.com/tr/ Frame BA6D 44 B
88 B 34ms
33ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=446896919250308&ev=Microdata&dl=https%3A%2F%2Fshellshock.io%2F&rl=https%3A%2F%2Fshell-shockers.co%2F&if=true&ts=1663140564907&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shell%20Shockers%20%7C%20geometry.monster%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.shellshock.io%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%3Awidth%22%3A%221000%22%2C%22og%3Aimage%3Aheight%22%3A%22500%22%2C%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%2C%22https%3A%2F%2Fwww.shellshock.io%2Fimg%2FpreviewImage_shellShockers.jpg%22%5D%2C%22og%3Atitle%22%3A%22Shell%20Shockers%20%7C%20by%20Blue%20Wizard%20Digital%22%2C%22og%3Adescription%22%3A%22The%20OFFICIAL%20home%20of%20Shell%20Shockers%2C%20the%20world%27s%20most%20advanced%20egg-based%20multiplayer%20shooter!%20It%27s%20like%20your%20favorite%20battlefield%20game%2C%20but...with%20eggs.%20URL%20Blocked%3F%20Try%20geometry.monster%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&it=1663140562233&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: shellshock.io
URL: https://shellshock.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:29:24 GMT

GET
H2 200 egg.babylon
shellshock.io/models/ Frame BA6D 10 MB
2 MB 337ms
337ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/egg.babylon?1663140564933
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Aug 2022 19:15:45 GMT
server: cloudflare
etag: W/"630d1061-a2cc05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F4RSrJEXNVXUi5SJNh6VI3ppo6ekAZ433hsPXLnktcYlVGe23ICsR96eO0ZFa%2B8ZiywVpPecrHM6toGtFLm3fTDXel19yDByBiYZj2hGDAoNgr%2BTzUpzWJAMZa%2BskdRSxqIB984TnTtDcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76952feccb89a-AMS

GET
H2 200 gun_m24.babylon
shellshock.io/models/ Frame BA6D 5 MB
957 KB 298ms
297ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_m24.babylon?1663140564939
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 25 Aug 2022 22:27:28 GMT
server: cloudflare
etag: W/"6307f750-57ae40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDSYFaaLZSoO0E%2FomH55iU5E8Rfqnh7pWVWososakJn2HnpgY1a6oHofG8%2FWkE1gmhAknulLWmlzMLQ9V0XMrmiZX%2FQepIYK9qaGIuyc3HVXRjLjWp9s6x3EadqCtGD3mUJC4RCxuqpol4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76952fedeb89a-AMS

GET
H2 200 gun_rpegg.babylon
shellshock.io/models/ Frame BA6D 5 MB
993 KB 237ms
236ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_rpegg.babylon?1663140564940
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 25 Aug 2022 22:27:28 GMT
server: cloudflare
etag: W/"6307f750-578975"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=493F11OXH2iBQdIqP2KpUsK24nS%2F9mbJ8oBQzKzPKwkyf06dFz7SRqQto8cWOka3Tu9bis8LWtK2tuxNWxu49IxRrZ%2FyfDDk1Rb0CARh%2FW4tIGBdfAiiJVFS1uob0jzzHihd6PqfT%2BQvcag%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76952fee3b89a-AMS

GET
H2 200 munitions.babylon Show response
shellshock.io/models/ Frame BA6D 2 MB
385 KB 337ms
336ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/munitions.babylon?1663140564941
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6691cdf3f6cf4f6fb9a396a205914c80f8b4d874dac1258ca77b88a8d9ba522e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Aug 2022 19:15:45 GMT
server: cloudflare
etag: W/"630d1061-1b9c54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PqfH3Oz4in%2FXcsvQ%2BDlYGLppGtsxqYJCoozUuBjHevytVmCp%2FWUfdf7g8HAZoEnBtPzqDJmobHsXYlnI%2F8vyFNaofajsirwRp01uUVI8SZnKrygbluoSij9%2ByFbT7%2FvHDsVMIBmEzh9ZO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769530ee5b89a-AMS

GET
H2 200 gun_dozenGauge.babylon
shellshock.io/models/ Frame BA6D 7 MB
1 MB 337ms
336ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_dozenGauge.babylon?1663140564942
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: W/"62e9a120-6c0c8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch0JxqMqEvEQflGpEKNSfgZ%2BiWg7eiBE7b5NKSyjgd1wl59GonWVM2OdSFQ3o9OtQCfEmRMknSyPmSaKl1Z4wEa%2BG1bmT2WeeuasOCmNSIk7vW41W%2F%2Fi1wjN8m2nhfXmRs354yQeTl5OSGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769530ee7b89a-AMS

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 4D56
Redirect Chain

https://www.facebook.com/v3.3/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers....
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26i...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26i...

161 KB
36 KB

278ms
278ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshell-shockers.co%252Ff39655b42063a68%26relation%3Dparent.parent&color_scheme=light&container_width=990&height=100&href=http%3A%2F%2Fshell-shockers.co%2F&locale=en_US&numposts=5&sdk=joey&version=v3.3&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=13cff4edc141d8e9be55593f6b0d3971

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dcef8cd84b5269525c352cafc1fa11a484680770452b7f8cc28c64071575b9a8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Wed, 14 Sep 2022 07:29:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: WGghDHzALy6NYrFQlrnEvB7Bb0IzkuohbAjvPsaA1fBAc4qhXc+b51q5eF1BGso8VMpXPJTDu3e7NPsCeWZMhA==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:29:25 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshell-shockers.co%252Ff39655b42063a68%26relation%3Dparent.parent&color_scheme=light&container_width=990&height=100&href=http%3A%2F%2Fshell-shockers.co%2F&locale=en_US&numposts=5&sdk=joey&version=v3.3&width
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: iLvU16geDrbjxCj58SCOevBf1eTT2VFYJACt4rwrT+c8+3Cqf2J6srV8Efg/ESv+NkvbTTxvwxbjYS1gmPBbKg==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 106ms
106ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ff34d2094cf6c31aa8c8bf53d35639ac119b3ff401a686c0d70219028994a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11285
x-xss-protection: 0

POST
H2 200 rum Show response
shellshock.io/cdn-cgi/ Frame BA6D 0
263 B 56ms
56ms XHR
text/plain 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shellshock.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://shellshock.io
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 74a769532f37b89a-AMS
vary: Origin

GET
H2 200 gun_aug.babylon
shellshock.io/models/ Frame BA6D 6 MB
965 KB 448ms
448ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_aug.babylon?1663140564975
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: W/"62e9a120-58bcdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5BjaHmadUYHcyZ3YLLg9uF4D3rNSxRKUOpsiwZ97yFto2vUIuyoIgzhHKb7O7m6rJrclflx1MEYhThn8S%2BN7EYE7RoSHmtTdcA846avCq3legy9oIs%2FBHeCKrbh9C7Dc%2BgpFKgbPY3ixiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769535f8eb89a-AMS

GET
H2 200 gun_smg.babylon
shellshock.io/models/ Frame BA6D 6 MB
936 KB 350ms
350ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_smg.babylon?1663140564976
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: W/"62e9a120-58f10d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UV0DlPX0ffC9Kh7YuRUNZRvULqyil5Ds%2F7BaBhmg%2BrJjklsZnzhDnQRmBv3kqX2hutXivMQ5NAROK4d15mXQXWjUOiRlD5Y97QC66i1JaWdXH%2BHUZaWIig8UyHpTVkhe0fZcDX7IpNSEEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769535f90b89a-AMS

GET
H2 200 gun_cluck9mm.babylon
shellshock.io/models/ Frame BA6D 5 MB
921 KB 351ms
351ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_cluck9mm.babylon?1663140564977
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Aug 2022 19:15:45 GMT
server: cloudflare
etag: W/"630d1061-4f0dd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFHZLVhjm3if9y4PHItmXcrAOP8duSaZJpa6flt9elEM2LYyz5XbupnYPbFxGt%2B6Zag3UN0hJcMqQwl%2Bud2NYC5%2BZGwnT3hzF9o8wKqrLkGqoJuE7Jhufz3a1SjXwT9G05VVBMTKs5JAQxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769535f91b89a-AMS

GET
H2 200 items.babylon Show response
shellshock.io/models/ Frame BA6D 36 KB
7 KB 244ms
244ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/items.babylon?1663140564978
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f495d17d49dc491536a33fbb667060e573da39954a52eab110e43348e254e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
etag: W/"62731484-8f25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wR09m2HIbCvqmaUNHOXMUanvQYVuHDnBUP8jVl6USHADw7BvBlVqW8cuY7fGQNP4efoS0pya3MWkDpQmyz4sXzebJSt915evP9MU7C49Mf%2F1uHijZqOti1cFwfInX1JztJvMBXTPMQG%2FmZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769535f92b89a-AMS

GET
H2 200 muzzleFlash.babylon Show response
shellshock.io/models/ Frame BA6D 3 KB
1 KB 157ms
157ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/muzzleFlash.babylon?1663140564978
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6982f7c46f20c0ffc1974c08d6804c4425f93002f4aae3f5efc069dbbcbc688

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
etag: W/"62731484-a0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qN%2FHw65jZgg%2BXkFA%2B31GcJSS5nnuIhRDdmpd79b43b%2Fwf%2BtjZ0xbpjPekmquQXEDVYM%2BYU%2BXhA6If9b%2FjGtQF1VGbwBCOvOwl4dqg4C69nQNJdKYESD%2F18E2gT%2BdcK7vAuTPL8K5kZgQEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769535f93b89a-AMS

GET
H2 200 reticle.babylon Show response
shellshock.io/models/ Frame BA6D 1 KB
893 B 153ms
153ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/reticle.babylon?1663140564979
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657433b9a2988a392e27e63616b2ef926c89b3ebd9e876da41a61cfe66e0cf21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 00:04:20 GMT
server: cloudflare
etag: W/"62731484-451"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVEoTRiqtxncCUcUiQGVxUVANT%2FYlnzdItBfTh3%2B3fXRPgxquNE0LlpH2evJPKjTha3NHv25X0s55BMPjK3tw7FTaM9QenzJxWg0N%2BfKsfzTkbljB2drt834TK%2FHjdselssmnmZ7UtL%2FGu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769535f95b89a-AMS

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shell-shockers.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 07:29:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D510 13 KB
5 KB 34ms
34ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:26:28 GMT
expires: Thu, 14 Sep 2023 07:26:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EEAB 783 B
533 B 72ms
72ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

448bbb78ecdade329531b5a4c578ef1fbe6d9a4e41b2f1f6a94a5263626f1ee3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4rsnkpfqo6P9y7Xovm5Inw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shell-shockers.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-4rsnkpfqo6P9y7Xovm5Inw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:29:25 GMT
expires: Wed, 14 Sep 2022 07:29:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js Show response
pagead2.googlesyndication.com/bg/ Frame D510 36 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16022
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 05:38:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EEAB 0
0 66ms
66ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220912&jk=1068973143116937&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 gun_eggk47.babylon
shellshock.io/models/ Frame BA6D 5 MB
968 KB 342ms
341ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_eggk47.babylon?1663140565274
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: W/"62e9a120-552458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKkJRFY9HufqvC%2FHQNicN2nzUSPE8u9eo%2BipSmfQsDUvN5GuvAEYTTrcuBpAPIpQVht0x6iESBs8FE6myOtkl1sR5CDUJ9Gt%2FLc8%2BljQrpSBdo5oPCokNpVWHmhs9s%2FdO7OpjNH6gG6sf60%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a769551abeb89a-AMS

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D510 0
11 B 34ms
33ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9_4lYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 gun_csg1.babylon
shellshock.io/models/ Frame BA6D 5 MB
0 348ms
347ms XHR
application/octet-stream 2606:4700:20::681a:894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.io/models/gun_csg1.babylon?1663140565384
Requested by: Host: shell-shockers.co
URL: https://shell-shockers.co/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://shellshock.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Aug 2022 22:11:44 GMT
server: cloudflare
etag: W/"62e9a120-58119a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rObLmbG7lmFuA0oJqEIfHjPAd74r%2B1dk%2B7gvY3886TH91w0ieSkATiMTPuOtNEtLZLjwlxl2FKTSpg8hd8KcqjWjKi4D3%2FdisJmwqLwQjPyKSMpmn7ePcM%2BHyJyjn%2FcZjuTdpS%2BPL2s5JdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a76955cbfcb89a-AMS

GET
H2 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 4D56 721 B
589 B 37ms
34ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3501be0ed1df98%26domain%3Dshell-shockers.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshell-shockers.co%252Ff39655b42063a68%26relation%3Dparent.parent&color_scheme=light&container_width=990&height=100&href=http%3A%2F%2Fshell-shockers.co%2F&locale=en_US&numposts=5&sdk=joey&version=v3.3&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 393
x-fb-rlafr: 0
x-fb-debug: OMAefxB27s2U8TIzhnomW4HIdXnrGRbtgb8CGd+RXUhzTwTV+KIl/3GMtw7bBlbxvMZlm+QG0XwwJ005ovxX8w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 13 Sep 2023 06:50:16 GMT

GET
H2 200 tVGzaR2GpMG.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame 4D56 123 KB
20 KB 36ms
34ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/tVGzaR2GpMG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5fcabac5b550905447fb96af13bf8fd6c4cfa96e8ea87919879fce9359642266

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nJB1LGW1HXoSr/HaLSyu5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20057
x-fb-rlafr: 0
x-fb-debug: gLTnlELfgCkQuefAZIAqbL54Ggg8Z5TUSERgei2PclxUuG+2ysh7lPeFBH+XsI0tpy5DMoJO82Py/RZcy1pV8w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 09 Sep 2023 23:34:07 GMT

GET
H2 200 dKTSXCj827L.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 4D56 321 KB
87 KB 38ms
36ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44cffc94cb364b79acb8c8853493c086f98ba8d5908240daf76a77d7406362c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fRovl5JrOO+AlXnKICPfVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88503
x-fb-rlafr: 0
x-fb-debug: GnrTDNy9OQWNcbYD9soki5XvJCDOVG1Dt4KKgKcGZa+5qFSORvgFFCko4UrAkJA2NEBwsVYzdiT7OTwxTLyCew==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 13 Sep 2023 03:49:50 GMT

GET
H2 200 o6x5fmQU5e4.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/yc/l/en_US/ Frame 4D56 154 KB
43 KB 128ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yc/l/en_US/o6x5fmQU5e4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ScmR/9DXmBX6dHLNg0QezA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43729
x-fb-rlafr: 0
x-fb-debug: XibjESNzBERl4DciN7wHCcjuhCjSiXEJs+BuM6P1jWqCm67deSriPd5xR6111sq0WpCi1Fn1IbB2s0nRs4OBCA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Sep 2023 00:58:14 GMT

GET
H2 200 DbncEHh8B7r.js
static.xx.fbcdn.net/rsrc.php/v3izgp4/yX/l/en_US/ Frame 4D56 1 MB
228 KB 129ms
127ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3izgp4/yX/l/en_US/DbncEHh8B7r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: I/icOOGaPy00dXLBh235Sg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 233518
x-fb-rlafr: 0
x-fb-debug: /wNcbY2AdyAAzmlv9BmNDGA02KPdOlcu/UfPdvQbjcP7DwOIiql7MIVvnJv83vA3G84i1kpj3gxm2G7zF9bMRA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 14 Sep 2023 04:23:17 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 4D56 588 B
529 B 36ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dvWT6EJnf3PNCgYjKHSyww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 338
x-fb-rlafr: 0
x-fb-debug: uVZYvpsZMBFiGls1rFgMCs8A2qHChBMCszGxfwyyg3JBWogVmp5OgP0ls/Goz4NF0CqSC0rcJOCr/HCeh0ZvAA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:28:23 GMT

GET
H2 200 ikPhBcNObVw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame 4D56 26 KB
9 KB 36ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/ikPhBcNObVw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c765bcfa5f09b61d34ebc55fbec03d2090891305be93ea7ad5df633fc686c425

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bNhu8aECte89F7Y1Jj+U+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 8545
x-fb-rlafr: 0
x-fb-debug: tkGRvdoWliWY0J7p/71zKK6iIqUX12hnCN1v+KTh5cgHOd2C48bLfUu+y7Tq351riPIDAj9lZTEEaNHFlgczBw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 13 Sep 2023 07:17:54 GMT

GET
H2 200 u3mCxoYlf4p.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 4D56 57 KB
15 KB 36ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/u3mCxoYlf4p.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9815577626df089250f66e931b328bfe6d2f9e6f3c8dd7a31cdda53dad9d9a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qCcyHiqyTd2jll/TqQNaEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15532
x-fb-rlafr: 0
x-fb-debug: v8X2RZH7mNGStFl2Bi8s5+3zLnM0Ot0Maeo+hmVQLe6iFd8oAfJ1TbFpww/THCP59vcxcluXyoJE0+i+kCiTkQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 14 Sep 2023 00:59:16 GMT

GET
H2 200 CvIS3gEvdgh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yA/l/en_US/ Frame 4D56 42 KB
13 KB 37ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yA/l/en_US/CvIS3gEvdgh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03403bbfc45fc4a7b8a5cd0f7c0c2d34c1475764b07581a4ea8242045d2f1108

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KDRT4c7myb0r0RpLb3IEuQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12670
x-fb-rlafr: 0
x-fb-debug: b/ycWDJpRZZXNAsqSBy7Umm8b1q1i1nZQAk3TSK8cIeZuhrtDqoBgeEWwkXijS92BBGWtVvJ0FBRbfBAFRGoxg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 13 Sep 2023 03:35:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FCA5 42 B
64 B 95ms
95ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqmczWMHSwCRHC92yihDHBI63gX62MlLxLVIsQwsi2N_s0fCNDdkA5efo6IPFKUejM0l1Xc_cKZR6fJ4dAPcH-aGHd0rX9sipXb3lskvh9idzTJYRjYGQNf2SGXMg_ZqVw3OWLlA&sai=AMfl-YRajQJp4WvVepK5NPHHKbanrmRWZgXsJh06Y1Kzim8aebTAQex5w3OnaeQ4zOiWYihkygxOye_7V4Nf&sig=Cg0ArKJSzID19cFMiQyoEAE&cid=CAQSGwCsnQUx33QLKPbkYlKjL7M3sZHIpfQuGb_1DhgBIA4&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663140562453&rpt=2119&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:29:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 S8OcxhB11Iu.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 4D56 306 KB
0 36ms
36ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/S8OcxhB11Iu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xsSdTCUw1dF0oF6i6ilv7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 46092
x-fb-rlafr: 0
x-fb-debug: UTL3VPqL46gcm7h4u3g/J6ci7FoxQbY28UPuSifgD2Ll3Ucn8pZH1jeYpTlhTzx+jh9Y+nZwjb9Iw64uMnZ6yQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 13 Sep 2023 02:44:19 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220912&jk=1068973143116937&bg=!6eql6q7NAAbG3AOo5tw7ACkAdvg8WlglxSFeoj0TCNWYvqVrK_tlCdiQ-B-w3DvqOSPjbOI1V1TXLQIAAAB4UgAAAANoAQcKAAMx_H6ZAvligI0gfv4tDYu4AELb6b0seCbyNaKLC2FPt_2BHBHgSqQ0LkJAfD80NeRuVDDcxgNiAvPWNQsKbVmXSRI3fjYwxmeCh7DnaIJmiQeizuk5W5cqULfJQ25ua-snjE8ep_hY_WZyw_M86y2w1nkHqYsz6H-XyRwyu98sge3hqsy-t5U9YlujUfVDUcLCy2iR-zHSvffS0dpW6JPool4fFIoV7gOX3SbgtYFr18bZ1qE3CsQOqGvcJE97Fc1lbcW9prlIhWeyNlRNVGAncVoz_6TkmTRVC31yLspQY_WoCypgdHaEKxQhsFfGSXrKrqCuppnqhUP-wkJFjohxWJG9yntBa1ALOm7-S71YiWVrUt8qhEBJNEUZQqteoC2Pj8dtsSxBDa1ArBE7kV3Q4QBf0wDSaGwr19fO37w7bXeIstv2GEoM7Z3f6RAzpU53nsEH_M2_OUfQ5N9gf9zh5nmuPfe0HbUwL_lsQ2wOMILrYjt30nSmv5DPsJEuJJVCz6aRGQFlVxevtmwXYacOTkeI1ARz_kzLQ0QzKeR-VKI34Uh4oAnsq9Swgt2bhWo7xqFvduZQM9rPbrFLb0uiwidBZoonHdbH9KLX_cqMQHx-DMHrFc_50N5FnO8B6GbRimRlNTVHdiaM-7BrG3MdE7vZ6gcmyLCI9pc8Jz33H_grK7kXacGSz0TRklEaWmAkDsEDLjXIMJlxIIgRsBqUj1K5ACRD8_-PrVd1Y6gKDdbPjEusFKlKTnKH6PHtc16eVu82nfsADh0wLd-Rjdjy39WQogEmMt-shIjLyi9HfwEbGC--ceywpuwIXnOC16vdA6xD_ROES20jqNGHWz9riAFGXX9LAp-xad5RpEtMut-PnmP5bWxnt61_YJmGw1hd0lzM1bo0pN5cpvqkutfchOJ6TeS56_lZas094qD5SGj8lqB6IzykzcYbfGDTuqIo2lvUpA6nWcWqQbp2OwrpbapvPa_L1gcG-NVqReMOgKqVuU0seByzg4ndO4ZROA

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shell-shockers.co/	1970-01-20 15:35:00	Name: _ga Value: GA1.2.648878179.1663140561
.shell-shockers.co/	1970-01-20 06:00:26	Name: _gid Value: GA1.2.722503066.1663140561
.shell-shockers.co/	1970-01-20 05:59:00	Name: _gat Value: 1
.shell-shockers.co/	1970-01-20 15:20:36	Name: __gads Value: ID=705dd4bae194bcfc-2281d0171fce00e3:T=1663140561:RT=1663140561:S=ALNI_MYehVkIHo0AmyfWFgZZuTX65lwHHQ
.doubleclick.net/	1970-01-20 15:20:36	Name: IDE Value: AHWqTUkJn7Rq_v_nAP_9p0G4n4f-ml2ZjkvTefGsfBaAqh6LsP6TzQgo0HjDUp1R2a8
.shellshock.io/	1970-01-20 06:00:26	Name: _gid Value: GA1.2.1725351769.1663140563
.shellshock.io/	1970-01-20 05:59:00	Name: _gat Value: 1
.shellshock.io/	1970-01-20 15:35:00	Name: _ga_79NWRZXYCB Value: GS1.1.1663140563.1.0.1663140563.60.0.0
.shellshock.io/	1970-01-20 15:35:00	Name: _ga Value: GA1.1.895818811.1663140563
.doubleclick.net/	1970-01-20 05:59:04	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://shell-shockers.co/ Message: Mixed Content: The page at 'https://shell-shockers.co/' was loaded over HTTPS, but requested an insecure element 'http://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/star-on.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shell-shockers.co/ Message: Mixed Content: The page at 'https://shell-shockers.co/' was loaded over HTTPS, but requested an insecure element 'http://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/star-on.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shell-shockers.co/ Message: Mixed Content: The page at 'https://shell-shockers.co/' was loaded over HTTPS, but requested an insecure element 'http://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/star-on.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shell-shockers.co/ Message: Mixed Content: The page at 'https://shell-shockers.co/' was loaded over HTTPS, but requested an insecure element 'http://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/star-on.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shell-shockers.co/ Message: Mixed Content: The page at 'https://shell-shockers.co/' was loaded over HTTPS, but requested an insecure element 'http://shell-shockers.co/themes/shell%20shockers/rs/plugins/raty/images/star-half.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
api.adinplay.com
c.amazon-adsystem.com
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
script.hotjar.com
sdk.crazygames.com
securepubads.g.doubleclick.net
shell-shockers.co
shellshock.io
static.cloudflareinsights.com
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
13.35.253.90
142.250.184.226
142.250.186.130
142.250.186.34
151.101.65.195
18.66.147.62
2001:4860:4802:32::36
2606:4700:20::681a:894
2606:4700:3108::ac42:28be
2606:4700:440e::6812:2fe6
2606:4700::6811:180e
2606:4700::6812:e134
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9c
2a00:1450:400e:810::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::485
2a06:98c1:3120::3
65.9.66.123
99.86.4.6
01f0fba52012db4f593d80d16cd881e5638f7f6dbc15c5eb5af00a20f6c7d080
03403bbfc45fc4a7b8a5cd0f7c0c2d34c1475764b07581a4ea8242045d2f1108
03d7fde9f9900bbd475de47e0e2cc3bd1380f580b17e7ced3a10aaa30bc06df1
03e6992844a83a2b3312f07180ae94bfff7ca1f97166e4b158c550c28ebef835
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f8477fe92effe6ca4823aea15b1de9f2a4b2825ce586d90722b57faa52575c
0b4fd36123c14417d71cbc5521b24e45cb4cd06069695f807a8e56f49c1f1379
0da93c421ca12d7c35660be31634b957c0985b922d6922ab8c85ce9382e0a885
0dc9a98ea104763fd38f67082f53935039097515518e2412c6e027ee1e4f57cc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
117e39373dff82b1eb656ab77eabf2f27975969f8925060aad772af698ab2dd4
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
13be644b583fe1c021650b4b272a4e076ec2f2707ebe56113839a641d3b42300
147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17e53fa0a5847025ead4e17e5ad7d3a8609b797eff520a5ce6c78f43175267a2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1840cc4013e6e510048ff065835a6a6effca6cf98880ff8a12211d25d44ede1f
186dc3174ad9f21803148ff17b7bb6b3d775da8bbad831d9dd56c7d7cc32e5f8
19b71d7e6515f283419371fb5fedf5ba320fe9872e1cf252d6cc3f5c2250547a
1a9064f74f737966bf0fb51493c888362ecd57089e100798b6c6f3f6ac5e3873
1c2205593272633bfa6b25210a30b78e85a535f08ae47133968b9b53d4dd0af6
1cb3ee708a82e5b549d7b08490f8eece635d74a868a6cef442e1427abea07ee7
1cd384d5fc77aa0e9b309573f7c5bcb7b557eaa398a19ab6440abc6085a45abd
1e8ca48ea3cb0c70aed0346f6c9510abf37d1b0db0c2b0c1911da2fd3201def9
200dc342a32aa221914e14da19eceefa1f28f793075d2d3787a25e1b7bc52e61
20fb93e1ec8872c0c8bd1b9b440eda32c0b5bf51f186d19cd6315e83fd77c902
21b624ffad50dd48f3ad137fd29a28a98bdfcedab0a99a67b3075451c0614119
22158aec120e51bc130646b58e69f125595ccbeea8b2059513f11abde1ef67b0
224581ff43afbd9949ba9fc161fc565053ef15f3e1aacde253bba928231ab5ff
22ffa604e9e5dd4a92b9fffbc7c4d26d57cdf12474f46828045e389d4946b7dc
2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528
25cb52e9f970e689a29564b8727a93e10c31a723f707221a08e2bc343b450bc1
265ff35f4c2f249012008c2aa0c01dc90f5bf323b03366400efc37604cbe0c93
292df53a6dd9f0672c3ab1f4d20bd29fcf590183976c363b33f594f98f522872
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2afdcb7f2c62411bbe83d5dbafecf12ab1d9d0898f9b09080fbb2b1afcde4996
2b2e2c077d8eed77b8721414493cf1d515d2ab6167f29021fb7daf88f78471e4
2bea97cade95d292d8d504b1581bdc255ecdc6aa0433361bcc3e95a1062f3d06
2d0ddf66aa6bd54b388f0283cc65ba224d660af6f92525e47bb74a35813ab43e
2da8f037b239fcfe6532afc5b1715fd2bbd8258133c16913e7534e95033a75ff
2e20387329d37cd605e35c3513e9025cc8a029c24321b1f2946837bb101c2654
2f3cbce56f507ba8d1a3f37b53e6f7d628545234b7b5eab9a050600fb21a6628
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
343522ba0dcda950ebb0299d62738b936771ddbf8f5266291382f1bcb15912ec
3461ecae540364af79fac19c7529bf48c24ce96dae654b3cc22d8651af736d92
34b26411b24e4add9f34c56b65d0c95ee76341b61b2174738da5e26c858f0bc6
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
39e7f97482ae0d4ab6990d049c22c207d33578cbb81a52bc6aad349f8bbd6d46
3a7a4d3334819d42546afef980db7d5fb63231ebe93969fad0f2d76ee9bc9951
3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5
3b9df018a8675ae9a77a534130118ec4d56dcf31f83af2433af4075b62f27721
3c479fb067ff01f64c12e5e19b352db346f8659f03f79128b5a29f85b3068e6f
3e11b034cf6479785885a5d635a95a2b2be6184e2598c326ba629274fd36874d
40938aab5e60580b6bb7feb1ce269cc1befbf6c5c27308c8400ba6daa569a8aa
41b102ac428bec8c0b2dd9753928a04d02d69e1be7be6921f184a06429e12720
448bbb78ecdade329531b5a4c578ef1fbe6d9a4e41b2f1f6a94a5263626f1ee3
44a98b28a8ebbcd3ada4c6b83d5dd76094e0992b9c654075a4d03e59396e4c63
44cffc94cb364b79acb8c8853493c086f98ba8d5908240daf76a77d7406362c1
45371d9100463ad99a76cc844ec902ae3337afaa1cc0521d11e48f0a7dda2b27
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c21c94b172942d124a1633b6410fc7c946878918276cf0d9dcb313e964ec477
4ca11de003a3a6cf3fb71bf8ed1b1b84e7452134c2dca9197727462aeac76475
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d57ce7a1a3c7ea61cf89aad0eecc60e7b9ab674591fcb828c91972f0682b58f
4f3290f38fc4f2f9a4a8611c767ca2b2f2a83eac6fdd92c59c6af8217438e8f2
4f47ecaa3aa4df505f824ac81a03f970675d8e39b38134187c5d1b5402af9cd4
4ff2f16b4b5d0a7d8dc536209e04d61870f4216ab2c67fe26e31421911b79e22
51cba45ddd3f0fd36ffac9228945b397967fc9f39bffd93ed71e13459dcc4158
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59125423d7890922ac1c6c36c665d9e7f77ff8fe213a4395a201d3ae5fd24058
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2c5e848e74a42621d27b6de0f3d1752df3614c0d44bf138be6d99eafcb1ace
5eb9c2bfabc8fdf4ee67b44dc0374099d8d338f9c8d70fd2e53bfffd6379218f
5fcabac5b550905447fb96af13bf8fd6c4cfa96e8ea87919879fce9359642266
60fe7e4aac4eb940fd301c6d3e406e1d20393303a2325796e955df5668fc483a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6349302d4b18a5a5cdf6e857fba4340754ef1b13998062bee7d721fe28ad8a71
6383353070129c103b1a78f595ea41b2bbdb5b0c130e04d0076e29bb30ac8c92
657433b9a2988a392e27e63616b2ef926c89b3ebd9e876da41a61cfe66e0cf21
65aa0b4c724e1c5e6d6022f2f8598a005d24bb62264ee04dc766c03666dd0783
6691cdf3f6cf4f6fb9a396a205914c80f8b4d874dac1258ca77b88a8d9ba522e
673e48d51ded0aa9853d40c5f85b28bbc180e7105e26ca37e0420b575e0a8925
676aa4f86e6ebddf660cfeaa012333175e2686905bf18de6139d8f9e12ef9ad4
6874cdb7e79f067bf2ce4a0b2bd2295fbae3ebf7a6dc3d697fd30882aac924ef
6a1ee0ef6530db67022f30f4d4941c06c4dfe2e2186627652d57ea3a99759859
6a26c10fe0fa7c56bf89669f54edfc963b58e33ba29e14933ce5070135061e87
6c1ec3a17b70fd364702b74bc20cba6bc9f9ccdb89a87c75828f5bddf65f18d5
6d4b004f7fb693779b5f6f23d659a25d527a4a36e2a096d906cf05710d9976a8
6d9751aa51126a5018b63433052703ef3e228c5f713b34ef46cd3310c1f0d736
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
72a928b4ea4c4e420dfd86e2c1c03608f6ecd18e5ce7c495d3d44e5228db3b19
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
76d03c23f88681646e7be7714d6e8a731f63298466e2a4a6784cee08e2ab2b11
7748c982c0a1b855637f9751d39be5e51194d6c635ffd17666929adbe2c6fa20
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
78e804add8676a2cb061eb299cc9f9135f8f28c076f0594e1a80d4d8516a8df9
794e2e3d154a35b23045dc4a054775cff072da54289cc5d8f9ab9048c04bf939
7baeec556b0c87ed71afedc61eea105be22745724cec853d42a4b4875f4f4513
7c76f9b25bafc531d4218b90bd300b95cc09216ef4e28b181b190d347e4dd1f4
818cd7bb9d5911e0b88fb921eb9e911cb9cd7c75bac6080e5edef269d7b555ff
818ee4d56a17164119212f17930b59ed2d3639171ebd4a4595fab5797a48b7f0
833512d7323dfa598388f61ca00aa0a907c744c80490337f17407313d49fd001
83db7099a5e308e6ee45948d7166c6db8b93bd9b3413e6753ba57e0aec012d5c
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8793f883c3b983f49f1be0cb088c5375847570f265dc89493b796cb346c43612
87aaf6a219dd9f07753cc7f81628ee7017631478344a20d0ac1d3df05601a629
8827dc6e85e78d6e711fe152b384c9631edfe8a9a9237a74a885790114c47ec4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d1376f23a0dcd2062c169cb3a966923e585a91e9d4342cd25097f6031803cdf
8f552c5f6fcd910d7280d3a6e7261e2ff52092fbc416f7ca33610e2f9664b653
90792953bb57a85dfaaa6f6f736b3a111d03288d5928f77a546264258d02a0f7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94cf16891e349085ae4765317eff29ee9324f61111082f08c66a5950a0a9f9ba
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9815577626df089250f66e931b328bfe6d2f9e6f3c8dd7a31cdda53dad9d9a7f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
983030bf59b98e6664bb223d04ef1321af8425db721c2ec52e2b05957ee3099b
9b006b75c0008f4002fc0d5e8fd096f6be916bac2f3ac03f1358825a41026ff4
9b8ad27f1376c0ca1de3808d2569b6cb82eb407180e2dfe00af025437cfb83c1
9bc493724fbc4c37c524b9bb01e40df75b7250e7e61e2424823305e301ed9d6b
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9d0fd11ae868cbd325785519cb46310a8205a7236aa6c953ba40235e58703d6e
9ddb09cc767ad74449d0dc0e532b99819623af425cdd88efe7f908f2ae0590b3
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
9f7afac9fcb63409517c8ae63dc7429f524d38995d043ae6d4cbd172e1cd8b12
9f9cfc5a589797311ede81b569ce870c6462cdf825f14710d240dcc519a66ec9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0ba2b213268069818d82f81df4bc20d2619e7057146bcf18f9a9d2c0f0f229a
a119ae002eba961d35c7d12546c37e8fd359d78ef7c36c1ac2bad7834f74f6df
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a86cfa0a3424cb341030e736bd10936e02a5eef335f68ed157879905aa08d7
a1c0acb8aaa4518c141bdb4cb8f53a0e4cc579ba71bb6e51794c855ff36df6a5
a233bcae0f4976d138c50c9f260a4999c6496eb4548c782784633fdbc8ecab3f
a2cb2c51de8a9f9c9d05e07864f3a3bbff11bc39bfb1503d296ab907048f8680
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6762c54113b3fcd3c25e711460d4904e9a20a0c6a302895f75fb958753654f8
a776afe2912e17ecbb37612670852711fbff04ac8d55b55e8c5da2b082f47b4f
a90de363aefd8ac0ddd563d9ccee20d90f9688a55018983ade628f90d942d183
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
aba4a30563ad76a60953fe925d2971c07dddef9d155897eb02aee927af6dc20a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0d6472a76c94c4fdcbc5d92ed303749e48123f4873b4a6cee51c60204716803
b0f65df8b2bfda1e34247e999246ece53609d49ead40a2d8722ef51c632bcb90
b12a8018316288225dc39eae5e332d35a949282249c33fb2eceb7399b047c515
b2a1888bfaee890a17bf6433cdc4dc908995d363c64d993f1816e84e5075c68c
b2fb7dfc486ca9dc61d1b6bba5a3838bf49c0cb476aa8ebd3f91ed6764975e2d
b34f09ab8b0185a87f37efae7226f77abfd8870021f64422bd5219183a61a749
b4b8b1b840883ed9af57c209757899f837c7aa8ebee945950d1c116224b130e4
b4d5ac80f2bcf5ed4ab04f558cdbedf28ba4aae752b0782ba96fa0601320897c
b5100f6c9e27dce147823eb5b2fb74384e5c1224dfa9b82c1c44698881c16cac
b593305a425c1536c88c16d2271443d42e95972f95d848cc98afef9f18301d27
b5da0962ecc6de3e97968595111a2717893f7d7c8890656989d3d053e21bf8cf
b5e2562f7fde7fdc20e3ac0df2a98e349b8d30a25b912f736f6c33ac917f5fbe
b6e4345c83cf2dc46888a377b5f8dd24930aafa2274a0b32b16bb1b1d07511b4
b87165160ab61e21e36be74fe46d417b49609caa295c677ae8448e183ec019c4
b87b04c9eb97bb2d5fe49b24c9584f7e22c24422a11f00668a37a166efc91d2f
b9c4dc0b77f932f99a061cd74e00449ba316c28847ba5d208d3b35bfe30d5b02
bbc8de3484f9a597c771d71f9520b3d4b88b3d7d7f31b6714b00d408bc1c6bbb
be7398aed4075b695ea2458faa126f56d46d9f4cd217abfb3dfbea890cbfdabc
bef1731ba5c3f866d0d952102d1910deb5af0f875724067509a38e8c51cff4de
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c07d109d2618b2a12c1d5e2bace1a9d974b32bbd852a5f09fdf5f146a713ded4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3b7c703aa3175bfe52c84decde1589b371f1f00bef84886a31e424cf5925166
c4ff34d2094cf6c31aa8c8bf53d35639ac119b3ff401a686c0d70219028994a3
c6982f7c46f20c0ffc1974c08d6804c4425f93002f4aae3f5efc069dbbcbc688
c6be857b91742850113f3609e1c7b445f52b2eefad82f51a45eee5f29e159381
c765bcfa5f09b61d34ebc55fbec03d2090891305be93ea7ad5df633fc686c425
caeedeb963b3f25c5f5d03f64e3bb75fa975960808c5c145b6d11ccc6d83c81d
cafbc394ae4f8f5ad91ca7a5dbf659f42e2ebde573a14dfa5c88ddff000fea29
cbf0d2c700fab27c821b4836c4024b7f5b47d65fb8ea141bf1f8fa1e2c8f4c4c
cd174f1c6dd7184fbd801146d2b8d082905bcd936b48a6b82a3089e341092179
cd6d444176a48eb87ab5e4a10ac6a94e1c49e1ef95edd29c5286607bc2d1be47
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
d07c737a3828def4546e1305591460eb7c2c048b1a170f23322d8c602ee7847e
d0d6a78a4531ac47581f3e49ecee187155bd120a624552674fbd1472d615d14b
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1e6765f526b661dacbc56128b424a3e92602299dc151c714aa72d3a913cac02
d2d8a41675755d939804e3e363decdb7277191065873eee7ffaae995d9bd0e96
d631dca2e511b8d901fcf4d50d510069e6c37897b09541c7ee89def2583634be
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6bc6400fc77bf7c35e9cba871123f41f8a3790405c82558ee6cd7eaf555b639
d78968b9a3ee4c6aa64297d07bb652a808b1e6446b3665e531d1f8221a494791
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d8a55a48641ac6c0f9b582079eed4f435c171344a3301b4fd7909e01bdce1ab7
db15fb9b3561d5c741d8aea9ef4f0957bd9bc51aa1caa6d7a5c316e083c1abd5
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
dcef8cd84b5269525c352cafc1fa11a484680770452b7f8cc28c64071575b9a8
dd60a19c003cfd7697cf549e7defd622a78765daf0e10f5aec2c6e3f61a364d9
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfe964bd56c9b38868eb7572a38984a4e358d96bdab15a87b6be1bfe4f2a9d43
e0746d96fa606597d2e7152e2df6f261b4792fa59239a78bb15782779b66ebe9
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2f495d17d49dc491536a33fbb667060e573da39954a52eab110e43348e254e4
e3417a906ff14de09f6d7e5f5766e992d41796810fa2a24c7b818c25a840ba78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d021284a3c9a0aa722c49db61768a76df22a12772567e4debe0c2410a89fa9
e7f56c2a045c9dd87d7eecee5f27acb2e90ddb639389866776edb8ed97098961
e856f0a3b4b2fcaed2bfd758bc753c8867846db5c8f667ff55ce1bb273b3c0e9
e8cd9229e312c3f67567739a57f5a89cbb538c53a71f3fafe78808838b0cfc81
eca2486761672e30bd75cc6b58eeb3374c42daa18878dd1a2e8356855845173a
ecf9b6e0006d7282179f13b0a54bc89e94f8868e0fa53d1d6fe46df1f038025e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15a48f2664676e25915880d610477a92eda3d48e204436e923d9f4a29f54bf7
f1ab144efb12def335355d06e7da59e797903ff70478f61102b4f7c41ca49f9b
f287f6b3b241dbe0ab9f7659c05fb425f480efb6e1042836dd364eeacd9faa9a
f4899139a1d2a5c179f834cd1041a556123aeef87d21c0b9f5448a8bbcc82bc0
f4f3b516186e63c83ee7f9070a33085c68a865976c03e5041d2f3f60c943d677
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f80755760a7307e17dfdcc0e9dba7d81e92a5a72dc864dc9a512199c2c4050d5
f8f94608fec56dbf53146ac068d984bfdce6c8c29d5f4a59907907d0b82de4a8
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd26bf0ea0990cfd808f7540f958eed324b86fc609bf56ec2b3a5612cdfde5f5
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

shell-shockers.co Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

311 Requests

99 %HTTPS

76 %IPv6

23 Domains

35 Subdomains

34 IPs

4 Countries

24889 kBTransfer

81897 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

311 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shell-shockers.co Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

311
Requests

99 %
HTTPS

76 %
IPv6

23
Domains

35
Subdomains

34
IPs

4
Countries

24889 kB
Transfer

81897 kB
Size

10
Cookies

311 HTTP transactions
9 data transactions