urlscan.io logo urlscan.io
SecurityTrails logo

shellshock.io Open in urlscan Pro
2400:cb00:2048:1::6818:20c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shellshock.io/#1cifuz
Effective URL: http://shellshock.io/
Submission: On December 30 via manual from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 2400:cb00:2048:1::6818:20c, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is shellshock.io.
This is the only time shellshock.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
21 8
2    2400:cb00:2048:1::6818:20c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
shellshock.io
1    2a00:1450:4001:81e::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
10    2400:cb00:2048:1::6818:30c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
shellshock.io
2    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a00:1450:4001:81a::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:400c:c04::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81a::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:400f:804::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
12 shellshock.io shellshock.io
2 www.facebook.com shellshock.io
2 fonts.gstatic.com www.google-analytics.com
2 www.google-analytics.com 1 redirects shellshock.io
2 connect.facebook.net shellshock.io
connect.facebook.net
1 www.google.de shellshock.io
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 fonts.googleapis.com shellshock.io
21 9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
discord.gg
www.shellshock.io
Subject Issuer Validity Valid
*.googleapis.com
Google Internet Authority G2		 2017-11-29 -
2018-02-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2017-11-29 -
2018-02-21		 3 months crt.sh
*.google.com
Google Internet Authority G2		 2017-11-29 -
2018-02-21		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2017-11-29 -
2018-02-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://shellshock.io/
Frame ID: (A2ECE04765DE14B4A1B3CA68D63DA3BA)
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

21
Requests

43 %
HTTPS

100 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

0 kB
Transfer

3269 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1310163396&t=pageview&_s=1&dl=http%3A%2F%2Fshellshock.io%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=547281933&gjid=1137444124&cid=26037337.1514665700&tid=UA-105800112-1&_gid=1030589696.1514665700&_r=1&z=1109991348 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_gid=1030589696.1514665700&gjid=1137444124&_v=j66&z=1109991348 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_v=j66&z=1109991348 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_v=j66&z=1109991348&slf_rd=1&random=4175811065

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
shellshock.io/ 		22 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:20c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
484e85704d2cdd3af2d9acdf3b40659e8fb1d958bceb282659ff5f0ab3c2dc0a

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
shellshock.io
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:19 GMT
Content-Encoding
gzip
Server
cloudflare-nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Set-Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699; expires=Sun, 30-Dec-18 20:28:19 GMT; path=/; domain=.shellshock.io; HttpOnly
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3d57beae15f8644b-FRA
css
fonts.googleapis.com/ 		4 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:400,600,700,900
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
a53a0395a995bd12180fb79ef1adf9601c009b21f8c2392d48bf67520ffad3a4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Nunito:400,600,700,900
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
http://shellshock.io/
:scheme
https
:method
GET
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 30 Dec 2017 20:28:19 GMT
content-encoding
gzip
last-modified
Sat, 30 Dec 2017 20:28:19 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Sat, 30 Dec 2017 20:28:19 GMT
servers.js
shellshock.io/!host_specific/ 		458 B
0 		Script
General
Check archive.org
Download Go to
Full URL
http://shellshock.io/!host_specific/servers.js?1512683658
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:20c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
eeaa6aff43db5b0151a093493b34aae54b6342f4c3185ccde27e0083a187135c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:19 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 07 Dec 2017 21:54:18 GMT
Server
cloudflare-nginx
ETag
"1ca-55fc71c230b2e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb0b6f7644b-FRA
Content-Length
214
Expires
Sun, 31 Dec 2017 00:28:19 GMT
babylon.custom.js
shellshock.io/src/ 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://shellshock.io/src/babylon.custom.js?1512431772
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
064fb3ccc06142ecf71f7ba8f9d2ef63f42c950ddace9c496473b86e99266fe7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:19 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 04 Dec 2017 23:56:12 GMT
Server
cloudflare-nginx
ETag
"2b3131-55f8c768eceee-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3d57beb0b40a2666-FRA
Expires
Sun, 31 Dec 2017 00:28:19 GMT
shellshock.min.js
shellshock.io/src/ 		172 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://shellshock.io/src/shellshock.min.js?1512671884
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
eac55324ac76992b32f9a39106ec4f1355831ebba1fbca8bab29c7cb82b72812

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:19 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 07 Dec 2017 18:38:04 GMT
Server
cloudflare-nginx
ETag
"2aed5-55fc45e533dba-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb0b7a96343-FRA
Content-Length
37930
Expires
Sun, 31 Dec 2017 00:28:19 GMT
fbLogo.png
shellshock.io/img/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/fbLogo.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
74970f8ed20b35850f09f0a59bb8b09802fc7feb05464044fd3db55359579b53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:19 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:51:45 GMT
Server
cloudflare-nginx
ETag
"10a0-55d1898b24072"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb0e7ba6343-FRA
Content-Length
4256
Expires
Sun, 31 Dec 2017 00:28:19 GMT
twitterLogo.png
shellshock.io/img/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/twitterLogo.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
528df08733a01629f48c9db11b3059d7df5243400544932e0cd2221d08d9ed93

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:20 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:51:46 GMT
Server
cloudflare-nginx
ETag
"f90-55d1898b4923e"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb107ce6343-FRA
Content-Length
3984
Expires
Sun, 31 Dec 2017 00:28:20 GMT
discordLogo.png
shellshock.io/img/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/discordLogo.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2b98a0ecce4b8aa9201f444ace2468803778251ec18a08376b5462589c640a8f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:20 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:51:45 GMT
Server
cloudflare-nginx
ETag
"f6b-55d1898b24072"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb134242666-FRA
Content-Length
3947
Expires
Sun, 31 Dec 2017 00:28:20 GMT
logo.png
shellshock.io/img/ 		129 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/logo.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
17fe1a610a29b9d9c21f3a7642d3be2c7aef3c86ccb0dcc8f4ca1e262922fd24

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:20 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:51:46 GMT
Server
cloudflare-nginx
ETag
"205d9-55d1898b4635d"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb144292666-FRA
Content-Length
132569
Expires
Sun, 31 Dec 2017 00:28:20 GMT
settings.png
shellshock.io/img/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/settings.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
cb8eb942036ba2d7a1c231ce9c9ecb3d59d5bd09d933701e4526a03a14c87481

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:20 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:51:46 GMT
Server
cloudflare-nginx
ETag
"cda-55d1898b472fe"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb154342666-FRA
Content-Length
3290
Expires
Sun, 31 Dec 2017 00:28:20 GMT
home.png
shellshock.io/img/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/home.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
b4491951ca432a412ab62779be7e2a13c31deaf8bc5103d0fabb23f87350eeb3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:20 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:51:45 GMT
Server
cloudflare-nginx
ETag
"ba9-55d1898b25012"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb164372666-FRA
Content-Length
2985
Expires
Sun, 31 Dec 2017 00:28:20 GMT
friends.png
shellshock.io/img/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/friends.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
509d9d2a720462176d1ddca40d06162a0eae3e420bcbb8b6c58a3127b47530e7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:20 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 15 Nov 2017 02:07:09 GMT
Server
cloudflare-nginx
ETag
"cea-55dfbf606e6dd"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb174392666-FRA
Content-Length
3306
Expires
Sun, 31 Dec 2017 00:28:20 GMT
fullScreen.png
shellshock.io/img/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shellshock.io/img/fullScreen.png
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:30c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
9d7de310fa0eef502ac271ebc81f08136bc6380b67fceeb8dd75b0f1a917929a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shellshock.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://shellshock.io/
Cookie
__cfduid=d99c1eb319d8e47970db6ec871985c0511514665699
Connection
keep-alive
Cache-Control
no-cache
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sat, 30 Dec 2017 20:28:20 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:51:45 GMT
Server
cloudflare-nginx
ETag
"b2c-55d1898b25012"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d57beb184402666-FRA
Content-Length
2860
Expires
Sun, 31 Dec 2017 00:28:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		37 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5f9215efa15f2a41a2a8e8c6ff56f57dc48779e5377e308abdbd77e5f0ab1267
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://shellshock.io/
:scheme
https
:method
GET
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
12075
x-xss-protection
0
pragma
public
x-fb-debug
w/DjPgz1irzuLNullPFA7PN+aFrZPXk4Rizzi42KeDgKIjtL3CVOcIavzoca5+78nvb9lEm7P+kmL1+A+7syFA==
x-frame-options
DENY
date
Sat, 30 Dec 2017 20:28:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
771186996377132
connect.facebook.net/signals/config/ 		54 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/771186996377132?v=2.8.6&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
75eccb97ad7102b9a3ebeb8fbc0972368749b2d395ce304d3572cdc3e3647adc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/771186996377132?v=2.8.6&r=stable
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://shellshock.io/
:scheme
https
:method
GET
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
odh6jlNg6+UNbLI/o056PitjyzflFJBa0Xshxr/O1GY31aVP9KzTah0TZScQbZcIrJxcrpVA25yLf0yQugPpbA==
x-frame-options
DENY
date
Sat, 30 Dec 2017 20:28:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		35 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: shellshock.io
URL: http://shellshock.io/src/shellshock.min.js?1512671884
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://shellshock.io/
:scheme
https
:method
GET
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
1985
date
Sat, 30 Dec 2017 19:55:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14597
expires
Sat, 30 Dec 2017 21:55:15 GMT
TttUCfJ272GBgSKaOaD7KpBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/nunito/v9/ 		13 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v9/TttUCfJ272GBgSKaOaD7KpBw1xU1rKptJj_0jans920.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3e5ca8a9e5e64939b0c7fc7bd2e49b96783d57fadfeb792a9847d1dd8bbefc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/nunito/v9/TttUCfJ272GBgSKaOaD7KpBw1xU1rKptJj_0jans920.woff2
pragma
no-cache
origin
http://shellshock.io
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Nunito:400,600,700,900
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Nunito:400,600,700,900
Origin
http://shellshock.io

Response headers

date
Mon, 11 Dec 2017 20:03:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:06:09 GMT
server
sffe
age
1643098
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13744
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 20:03:22 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1310163396&t=pageview&_s=1&dl=http%3A%2F%2Fshellshock.io%2F&ul=en-us&de=UTF-8&dt=Shell%20Shockers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_gid=1030589696.1514665700&gjid=1137444124&_v=j66&z=1109991348
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_v=j66&z=1109991348
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_v=j66&z=1109991348&slf_rd=1&random=4175811065
42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_v=j66&z=1109991348&slf_rd=1&random=4175811065
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_v=j66&z=1109991348&slf_rd=1&random=4175811065
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.de
referer
http://shellshock.io/
:scheme
https
:method
GET
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2017 20:28:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2017 20:28:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-105800112-1&cid=26037337.1514665700&jid=547281933&_v=j66&z=1109991348&slf_rd=1&random=4175811065
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=771186996377132&ev=PageView&dl=http%3A%2F%2Fshellshock.io%2F%231cifuz&rl=&if=false&ts=1514665700238&sw=1600&sh=1200&v=2.8.6&r=stable&ec=0&o=28&it=1514665700012
Requested by
Host: shellshock.io
URL: http://shellshock.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=771186996377132&ev=PageView&dl=http%3A%2F%2Fshellshock.io%2F%231cifuz&rl=&if=false&ts=1514665700238&sw=1600&sh=1200&v=2.8.6&r=stable&ec=0&o=28&it=1514665700012
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://shellshock.io/
:scheme
https
:method
GET
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 30 Dec 2017 20:28:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0YARPEC7QFpL1AgqR..BaR_bk...1.0.BaR_bk.; expires=Friday, 30-Mar-2018 20:28:20 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Sat, 30 Dec 2017 20:28:20 GMT
Cj2facSP9LFhbctU5GJ2WJBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/nunito/v9/ 		14 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v9/Cj2facSP9LFhbctU5GJ2WJBw1xU1rKptJj_0jans920.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5a589afc3ad3da4af92019f2420a27e0acb10b61223fa7d67620016fd2f07b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/nunito/v9/Cj2facSP9LFhbctU5GJ2WJBw1xU1rKptJj_0jans920.woff2
pragma
no-cache
origin
http://shellshock.io
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Nunito:400,600,700,900
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Nunito:400,600,700,900
Origin
http://shellshock.io

Response headers

date
Mon, 11 Dec 2017 19:53:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:05:52 GMT
server
sffe
age
1643666
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13964
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 19:53:54 GMT
/
www.facebook.com/tr/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=771186996377132&ev=Microdata&dl=http%3A%2F%2Fshellshock.io%2F%231cifuz&rl=&if=false&ts=1514665701740&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Shell%20Shockers%22%2C%22meta%3Adescription%22%3A%22Eggs%20%26%20Soldiers%20is%20a%20dish.%20It%27s%20also%20a%20game.%20Play%20in%20your%20browser%20for%20FREE%20-%20no%20download%20required!%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.6&o=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=771186996377132&ev=Microdata&dl=http%3A%2F%2Fshellshock.io%2F%231cifuz&rl=&if=false&ts=1514665701740&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Shell%20Shockers%22%2C%22meta%3Adescription%22%3A%22Eggs%20%26%20Soldiers%20is%20a%20dish.%20It%27s%20also%20a%20game.%20Play%20in%20your%20browser%20for%20FREE%20-%20no%20download%20required!%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.6&o=28
pragma
no-cache
cookie
fr=0YARPEC7QFpL1AgqR..BaR_bk...1.0.BaR_bk.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://shellshock.io/
:scheme
https
:method
GET
Referer
http://shellshock.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 30 Dec 2017 20:28:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Sat, 30 Dec 2017 20:28:21 GMT

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint function| fbq function| _fbq string| version object| servers function| __decorate function| __extends object| BABYLON object| Earcut function| BulletActor function| loadResources function| setupLights function| beginAnimation function| startGame function| onCanvasClick function| onCanvasMouseDown function| onCanvasMouseUp function| onCanvasMouseMove function| onLoadingComplete function| setUpSocket function| shellFragBurst function| createMapCells function| buildMapMesh function| update function| hitPlayer function| serverSync function| addPlayer function| removePlayer function| reloadWeapon function| rebuildPlayerList function| updateBestStreakUi function| updateAmmoUi function| addChat function| captureKeys function| releaseKeys function| inputDown function| inputUp function| onKeyDown function| onKeyUp function| HitIndicator function| Reticle function| inviteFriends function| copyFriendCode function| Eggk47Actor function| DozenGaugeActor function| CSG1Actor function| Cluck9mmActor function| ItemActor function| AmmoActor function| ItemManager function| getKeyByValue function| selectServer function| resize function| onResourcesLoaded function| getRequest function| openJoinBox function| closeJoinBox function| login function| setVolume function| setMouseSensitivity function| setMouseInvert function| getStoredNumber function| getStoredString function| refactorConfigKeys function| setControl function| configKey function| startAlertBar function| openAlertDialog function| closeAlertDialog function| resetGameUI function| showMainMenuConfirm function| reloadPage function| showMainMenu function| hideMainMenu function| toggleFullscreen function| onFullscreenChange function| openSettingsMenu function| closeSettingsMenu function| showChangelog function| PlayerActor function| loadMapMeshes function| loadObjectMeshes function| loadSounds function| loadMaterials function| loadMeshes function| Bullet function| Gun function| Eggk47 function| DozenGauge function| CSG1 function| Cluck9mm function| MunitionsManager function| Player function| Pool object| Meshes object| Materials object| Sounds undefined| mapMesh undefined| bulletHoleManager undefined| respawnTime undefined| players undefined| keyIsDown undefined| map undefined| inputTally undefined| light undefined| camera undefined| uiCamera undefined| me undefined| lastTimeStamp undefined| lastDelta undefined| fps undefined| fpsSum undefined| fpsIdx undefined| reticle undefined| hitIndicator undefined| munitionsManager undefined| itemManager object| lastMouseMovement undefined| killDisplayTimeout undefined| SPS number| rotInc undefined| pingStartTime object| controlToBitmask string| fbAppId undefined| engine undefined| scene undefined| canvas undefined| shadowGen undefined| engineCaps undefined| ws undefined| selectedClass undefined| selectedServer undefined| meId undefined| username undefined| gameSession undefined| facebookId undefined| gameStartTime undefined| pingTotal undefined| pingSamples undefined| fpsTotal undefined| fpsSamples undefined| nextPingSample boolean| inGame undefined| uniqueId undefined| uniqueKey undefined| mapIdx undefined| privateGame boolean| playOffline object| mapTest object| settings object| inputToControlMap function| ga undefined| controlEl number| alertBarInterval object| Comm object| MAP object| GameMap object| minMaps object| CONTROL object| classes string| GoogleAnalyticsObject object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.shellshock.io/ Name: _gat
Value: 1
.shellshock.io/ Name: _gid
Value: GA1.2.1030589696.1514665700
.shellshock.io/ Name: _ga
Value: GA1.2.26037337.1514665700
.shellshock.io/ Name: __cfduid
Value: d99c1eb319d8e47970db6ec871985c0511514665699

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
shellshock.io
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
2400:cb00:2048:1::6818:20c
2400:cb00:2048:1::6818:30c
2a00:1450:4001:81a::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:81e::200a
2a00:1450:4001:821::2003
2a00:1450:400c:c04::9b
2a00:1450:400f:804::2003
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
064fb3ccc06142ecf71f7ba8f9d2ef63f42c950ddace9c496473b86e99266fe7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17fe1a610a29b9d9c21f3a7642d3be2c7aef3c86ccb0dcc8f4ca1e262922fd24
2b98a0ecce4b8aa9201f444ace2468803778251ec18a08376b5462589c640a8f
484e85704d2cdd3af2d9acdf3b40659e8fb1d958bceb282659ff5f0ab3c2dc0a
509d9d2a720462176d1ddca40d06162a0eae3e420bcbb8b6c58a3127b47530e7
528df08733a01629f48c9db11b3059d7df5243400544932e0cd2221d08d9ed93
5a589afc3ad3da4af92019f2420a27e0acb10b61223fa7d67620016fd2f07b38
5f9215efa15f2a41a2a8e8c6ff56f57dc48779e5377e308abdbd77e5f0ab1267
74970f8ed20b35850f09f0a59bb8b09802fc7feb05464044fd3db55359579b53
75eccb97ad7102b9a3ebeb8fbc0972368749b2d395ce304d3572cdc3e3647adc
9d7de310fa0eef502ac271ebc81f08136bc6380b67fceeb8dd75b0f1a917929a
a3e5ca8a9e5e64939b0c7fc7bd2e49b96783d57fadfeb792a9847d1dd8bbefc6
a53a0395a995bd12180fb79ef1adf9601c009b21f8c2392d48bf67520ffad3a4
b4491951ca432a412ab62779be7e2a13c31deaf8bc5103d0fabb23f87350eeb3
cb8eb942036ba2d7a1c231ce9c9ecb3d59d5bd09d933701e4526a03a14c87481
eac55324ac76992b32f9a39106ec4f1355831ebba1fbca8bab29c7cb82b72812
eeaa6aff43db5b0151a093493b34aae54b6342f4c3185ccde27e0083a187135c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7