webcache.googleusercontent.com Open in urlscan Pro
2a00:1450:4001:80e::2001  Public Scan

Submitted URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-t...
Effective URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-t...
Submission: On May 29 via api from IE — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 51 HTTP transactions. The main IP is 2a00:1450:4001:80e::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is webcache.googleusercontent.com. The Cisco Umbrella rank of the primary domain is 56822.
TLS certificate: Issued by GTS CA 1C3 on May 4th 2022. Valid for: 3 months.
This is the only time webcache.googleusercontent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

Apex Domain
Subdomains
Transfer
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 308
284 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
203 KB
11 pushmono.com
pushmono.com
63 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
5 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11060
554 B
1 ampproject.net
d-31926467182050088487.ampproject.net
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8526
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 768
650 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
348 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
69 KB
1 googleusercontent.com
webcache.googleusercontent.com — Cisco Umbrella Rank: 56822
27 KB
0 mafia-download.com Failed
mafia-download.com Failed
51 13
Domain Requested by
14 cdn.ampproject.org webcache.googleusercontent.com
cdn.ampproject.org
pagead2.googlesyndication.com
11 pushmono.com webcache.googleusercontent.com
pushmono.com
8 pagead2.googlesyndication.com webcache.googleusercontent.com
pagead2.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
cdn.ampproject.org
1 www.google.com tpc.googlesyndication.com
1 my.rtmark.net webcache.googleusercontent.com
1 d-31926467182050088487.ampproject.net cdn.ampproject.org
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com webcache.googleusercontent.com
1 webcache.googleusercontent.com
0 mafia-download.com Failed webcache.googleusercontent.com
51 15

This site contains links to these domains. Also see Links.

Domain
mafia-download.com
support.google.com
easilydownload.com
www.4shared.com
Subject Issuer Validity Valid
*.googleusercontent.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
pushmono.com
R3
2022-04-14 -
2022-07-13
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google.de
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA
2021-11-20 -
2022-11-26
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
www.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh

This page contains 7 frames:

Primary Page: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Frame ID: DB501AEFFF0A1FCA785A7E57C0C20709
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: 9FA01BDB90492F87DF127EE9F504E4E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8792971168827506&output=html&adk=1812271804&adf=3025194257&lmt=1653821500&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653821500542&bpp=2&bdt=221&idt=119&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2891249287590&frm=20&pv=2&ga_vid=1828784455.1653821501&ga_sid=1653821501&ga_hid=1296997776&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44761044%2C31067487&oid=2&pvsid=1653545361207864&pem=332&tmod=369545573&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Frame ID: 616B53235A9572EC7E020F744852C459
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8792971168827506&output=html&h=280&slotname=4777130136&adk=3582580039&adf=126661732&pi=t.ma~as.4777130136&w=652&fwrn=4&fwrnh=100&lmt=1653821500&rafmt=1&psa=0&format=652x280&url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653821500546&bpp=2&bdt=225&idt=139&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2891249287590&frm=20&pv=1&ga_vid=1828784455.1653821501&ga_sid=1653821501&ga_hid=1296997776&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=474&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44761044%2C31067487&oid=2&pvsid=1653545361207864&pem=332&tmod=369545573&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ytle4bxB0e&p=https%3A//webcache.googleusercontent.com&dtd=146
Frame ID: FB3A0FAC5AC433BD93BC521D752939F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8792971168827506&output=html&h=163&slotname=4864544447&adk=3664531145&adf=1604659160&pi=t.ma~as.4864544447&w=652&fwrn=4&lmt=1653821500&rafmt=11&psa=0&format=652x163&url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653821500548&bpp=1&bdt=228&idt=148&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C652x280&nras=1&correlator=2891249287590&frm=20&pv=1&ga_vid=1828784455.1653821501&ga_sid=1653821501&ga_hid=1296997776&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=474&ady=1009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44761044%2C31067487&oid=2&pvsid=1653545361207864&pem=332&tmod=369545573&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VmioS1scTr&p=https%3A//webcache.googleusercontent.com&dtd=152
Frame ID: 4AFE0D23A47EF343BCA25A6086A29400
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00345EACE89A89300AE07C60B69EA466
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68B09461CC611C9A668CA7FC09B9611A
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

SALTINBANK - Pure PRIVESC Techniques CTF _CRON JOB, LD_PRELOAD, C, SO_ BYPASS CONTAINER ! ( 360 X 640 ).mp4 download | Mafia-download.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

51
Requests

98 %
HTTPS

79 %
IPv6

13
Domains

15
Subdomains

15
IPs

3
Countries

656 kB
Transfer

2065 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request search
webcache.googleusercontent.com/
109 KB
27 KB
Document
General
Full URL
https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
6b5e9a31f45432949caf9d1d0daba90db878a092de52ead21d87fa1d88fde7e5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-Viewport-Width Sec-CH-Viewport-Height Sec-CH-DPR Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
private, max-age=0
content-encoding
br
content-length
26255
content-type
text/html; charset=UTF-8
date
Sun, 29 May 2022 10:51:40 GMT
expires
-1
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
gws
x-frame-options
SAMEORIGIN
x-xss-protection
0
v0.js
cdn.ampproject.org/
276 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d69a45fa7d8c1425f31392db641130d32246e320baec10aadeff470cd86a17f7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72515
x-xss-protection
0
server
sffe
date
Sun, 29 May 2022 10:51:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"5680f22524f13c90"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 May 2022 10:51:40 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6782e68f18ac73cc34b217bed34a8427ea3b95bde41336f561c86157d05de34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
sffe
date
Sun, 29 May 2022 10:51:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"b3b207ae67371e14"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 May 2022 10:51:40 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/
17 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44622ad81d00376a115d53533ed61fe1e479a6e7aa36b3072765cbba0b46ec16
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5853
x-xss-protection
0
server
sffe
date
Sun, 29 May 2022 10:51:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"1a20bba03760283b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 May 2022 10:51:40 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
109 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
555ab5344578d8199dc2a6ae12cd9254144d887a9dbe904602b1c810aa9e82b3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31942
x-xss-protection
0
server
sffe
date
Sun, 29 May 2022 10:51:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d78ebfac2115dec2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 May 2022 10:51:42 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/
81 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f99b855a657f18ad1d306ad2571dba92c2ee5862faf4756e44eea8c06328563e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23017
x-xss-protection
0
server
sffe
date
Sun, 29 May 2022 10:51:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"e5d9412e7499249e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 May 2022 10:51:42 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
24 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90c950139e6ebc28bddf52939001120b42f4a06925ce9d2b556eff089b6d6b3a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Sun, 29 May 2022 10:51:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"29ae9f9a66616d35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 May 2022 10:51:40 GMT
ntfc.php
pushmono.com/
28 KB
11 KB
Script
General
Full URL
https://pushmono.com/ntfc.php?p=2938639
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0ab28d87daf672d752627367bae34cee308b97b5bb725e29b6823ebc80fecadd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 13:49:57 GMT
server
nginx
etag
W/"628e3405-6e33"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8792971168827506
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b381f02c205cfd19fb20d60d82183cfc20e3859752539a08d351d5fc9136350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Origin
https://webcache.googleusercontent.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56185
x-xss-protection
0
server
cafe
etag
5235754732512739192
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 29 May 2022 10:51:40 GMT
js
www.googletagmanager.com/gtag/
191 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RBNEBCK9MT
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
451331c6c8cf257d8466074218238e1ae46e522d533d3eabb24c2fbb1d9db52b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70049
x-xss-protection
0
expires
Sun, 29 May 2022 10:51:40 GMT
zone
pushmono.com/
697 B
994 B
Fetch
General
Full URL
https://pushmono.com/zone?pub=0&zone_id=2938639&is_mobile=false&domain=webcache.googleusercontent.com&var=&ymid=&var_3=
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2938639
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6ce875c03f54b8df0cada10252c969767a29261039550d8fb401dcf218d237c9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-trace-id
235a2a7e58fcc5b1b3f1934bbf5d3488
date
Sun, 29 May 2022 10:51:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
697
universal.min.js
pushmono.com/pfe/current/
147 KB
50 KB
Fetch
General
Full URL
https://pushmono.com/pfe/current/universal.min.js?v=3.1.380
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2938639
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0eac6b5f41d0f2427f6aeda18b9665a82ded261f7bc0d009216b0231479faf5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 13:49:57 GMT
server
nginx
etag
W/"628e3405-24bfc"
content-type
application/javascript
access-control-allow-origin
https://webcache.googleusercontent.com
cache-control
no-cache
access-control-allow-credentials
true
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/
314 KB
112 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8792971168827506
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b5df96ca8e9d69d855dc5938dc8cb7452d83541c53f153f587ddd22820d4aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114518
x-xss-protection
0
server
cafe
etag
13947364280341437766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 29 May 2022 10:51:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame 9FA0
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8792971168827506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
48316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 May 2022 21:26:24 GMT
etag
1327746537699501093
expires
Sat, 11 Jun 2022 21:26:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012205120110001/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205120110001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69edcbb1e2908a1e8d08f6d137fceb3b1e417fa86f26fe82e28e7dcc0a5719ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Origin
https://webcache.googleusercontent.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2976
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:46:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6ef7db199c915388"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:46:46 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012205120110001/v0/
81 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205120110001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f99b855a657f18ad1d306ad2571dba92c2ee5862faf4756e44eea8c06328563e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Origin
https://webcache.googleusercontent.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23017
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:46:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e5d9412e7499249e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:46:46 GMT
ama
pagead2.googlesyndication.com/getconfig/
64 B
106 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-8792971168827506&plah=mafia-download.com&ama_t=amp&url=http%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html&__amp_source_origin=https%3A%2F%2Fwebcache.googleusercontent.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096049fba7550b97562184243c86332dea94eec11d7c3867d79b7217929b70db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://webcache.googleusercontent.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
collect
www.google-analytics.com/g/
0
348 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RBNEBCK9MT&gtm=2oe5p1&_p=1296997776&_z=ccd.tdB&cid=1828784455.1653821501&ul=en-us&sr=1600x1200&_s=1&sid=1653821500&sct=1&seg=0&dl=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&dt=SALTINBANK%20-%20Pure%20PRIVESC%20Techniques%20CTF%20_CRON%20JOB%2C%20LD_PRELOAD%2C%20C%2C%20SO_%20BYPASS%20CONTAINER%20!%20(%20360%20X%20640%20).mp4%20download%20%7C%20Mafia-download.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RBNEBCK9MT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 May 2022 10:51:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://webcache.googleusercontent.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
225 B
650 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=webcache.googleusercontent.com&callback=_gfp_s_&client=ca-pub-8792971168827506
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ccb78ca2c969f86cf6c1e49f36fe25338c73b0e2ce2aba732c50a7a6de45ba61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webcache.googleusercontent.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webcache.googleusercontent.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&tn=HEADER&cls=ampstart-headerbar%20fixed%20flex%20justify-start%20items-center%20top-0%20left-0%20right-0%20pl2%20pr4&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 May 2022 10:51:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 616B
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8792971168827506&output=html&adk=1812271804&adf=3025194257&lmt=1653821500&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653821500542&bpp=2&bdt=221&idt=119&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2891249287590&frm=20&pv=2&ga_vid=1828784455.1653821501&ga_sid=1653821501&ga_hid=1296997776&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44761044%2C31067487&oid=2&pvsid=1653545361207864&pem=332&tmod=369545573&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 May 2022 10:51:40 GMT
expires
Sun, 29 May 2022 10:51:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012205120110001/v0/
39 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205120110001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a9fb9c8151af1869b5a789d3b69d622e24b1464b4fdbb56de420b1dc45d797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Origin
https://webcache.googleusercontent.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10214
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:46:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"612e98e68a83b80d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:46:51 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012205120110001/v0/
213 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205120110001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b3ef717b1dd8f7bfd8d3dcbc26cdaa0f8dbf5cca22c4939f907c41aa80b6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Origin
https://webcache.googleusercontent.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57764
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:47:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b7bde1280e265856"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:47:02 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FB3A
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8792971168827506&output=html&h=280&slotname=4777130136&adk=3582580039&adf=126661732&pi=t.ma~as.4777130136&w=652&fwrn=4&fwrnh=100&lmt=1653821500&rafmt=1&psa=0&format=652x280&url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653821500546&bpp=2&bdt=225&idt=139&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2891249287590&frm=20&pv=1&ga_vid=1828784455.1653821501&ga_sid=1653821501&ga_hid=1296997776&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=474&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44761044%2C31067487&oid=2&pvsid=1653545361207864&pem=332&tmod=369545573&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ytle4bxB0e&p=https%3A//webcache.googleusercontent.com&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48a93117af0ebc11d2e3416569823ac502dbeac8bd056aa775146f635ec44d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 May 2022 10:51:40 GMT
expires
Sun, 29 May 2022 10:51:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4AFE
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8792971168827506&output=html&h=163&slotname=4864544447&adk=3664531145&adf=1604659160&pi=t.ma~as.4864544447&w=652&fwrn=4&lmt=1653821500&rafmt=11&psa=0&format=652x163&url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AslvR0QRSpbQJ%3Ahttps%3A%2F%2Fmafia-download.com%2Ffile%2FGMIsdAXTea%2Fsaltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%2520%26cd%3D1%26hl%3Diw%26ct%3Dclnk%26gl%3Dil&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653821500548&bpp=1&bdt=228&idt=148&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C652x280&nras=1&correlator=2891249287590&frm=20&pv=1&ga_vid=1828784455.1653821501&ga_sid=1653821501&ga_hid=1296997776&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=474&ady=1009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C44761044%2C31067487&oid=2&pvsid=1653545361207864&pem=332&tmod=369545573&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VmioS1scTr&p=https%3A//webcache.googleusercontent.com&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d983c514a98bdfcb5f004d455873122d660a7aa1ef2a7c4b0bb99f545ca833f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 May 2022 10:51:40 GMT
expires
Sun, 29 May 2022 10:51:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012205120110001/v0/
109 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205120110001/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
555ab5344578d8199dc2a6ae12cd9254144d887a9dbe904602b1c810aa9e82b3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Origin
https://webcache.googleusercontent.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31942
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:46:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d78ebfac2115dec2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:46:51 GMT
integrator.json
adservice.google.com/adsid/
86 B
232 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=mafia-download.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://webcache.googleusercontent.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 29 May 2022 10:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://webcache.googleusercontent.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-31926467182050088487.ampproject.net/2205120110001/
0
0
Other
General
Full URL
https://d-31926467182050088487.ampproject.net/2205120110001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

amp-loader-0.1.js
cdn.ampproject.org/rtv/012205120110001/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205120110001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa8720280e359586de5d83a5a2ddc3e8f59caee5fe7be201796f7dfa063e30ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Origin
https://webcache.googleusercontent.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3845
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:46:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3a6dc050aec0dfb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:46:46 GMT
custom
pushmono.com/ Frame
0
0
Preflight
General
Full URL
https://pushmono.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://webcache.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 29 May 2022 10:51:40 GMT
server
nginx
custom
pushmono.com/
39 B
335 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://webcache.googleusercontent.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0a8de38348df49804d4f4faf1c0130e6
date
Sun, 29 May 2022 10:51:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
sw.js
mafia-download.com/
0
0

amp4ads-host-v0.js
cdn.ampproject.org/
23 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b1a305da350bc055d16465a63764af0d8ecc55219c3e2491aa3ffeade125a7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7847
x-xss-protection
0
server
sffe
date
Sun, 29 May 2022 10:51:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"33d424766c6f5905"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 May 2022 10:51:40 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012205120110001/v0/analytics-vendors/
2 KB
812 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012205120110001/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://webcache.googleusercontent.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
782
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:46:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8ad5a3d95588a7c0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:46:51 GMT
custom
pushmono.com/ Frame
0
0
Preflight
General
Full URL
https://pushmono.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://webcache.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 29 May 2022 10:51:41 GMT
server
nginx
custom
pushmono.com/
39 B
335 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://webcache.googleusercontent.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
7dd7b848a921d1e193bcd9e97cb1415e
date
Sun, 29 May 2022 10:51:41 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/
65 B
554 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=0d69d5063d0d4511b6ebb452130abc25&zoneId=2938639&checkDuplicate=true&ymid=&var=
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a992bb5e9763101f23df0cf17b7af3c0b30d394c0eb302c844f3488260598920
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 10:51:41 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
event
pushmono.com/ Frame
0
0
Preflight
General
Full URL
https://pushmono.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://webcache.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 29 May 2022 10:51:41 GMT
server
nginx
event
pushmono.com/
94 B
390 B
Fetch
General
Full URL
https://pushmono.com/event
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ac49810369066b9508e6615d6eff44ca95c197ca9c57ef5f133f38c66d336355
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://webcache.googleusercontent.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
27bcefed13d47dc2abf1092950879814
date
Sun, 29 May 2022 10:51:41 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
94
custom
pushmono.com/ Frame
0
0
Preflight
General
Full URL
https://pushmono.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://webcache.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 29 May 2022 10:51:43 GMT
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220525&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eba9f6f9e267cc17934021e148dd9825ceb5b73ada75e01c51d0c0b6cb42ce5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 29 May 2022 10:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10566
x-xss-protection
0
custom
pushmono.com/
39 B
335 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: webcache.googleusercontent.com
URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://webcache.googleusercontent.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0b6a1bf5b9eb9abd886d2577df76a490
date
Sun, 29 May 2022 10:51:43 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://webcache.googleusercontent.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8792971168827506&plah=webcache.googleusercontent.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 10:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 May 2022 10:51:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0034
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webcache.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 May 2022 08:14:04 GMT
expires
Mon, 29 May 2023 08:14:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 68B0
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc2c26b7bb7b0f813e61dc47dcc4f8d645a3619dd9cef4ddcda8727c9fbf1f0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E4Z9goAN3t_xPp2Cab-p1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://webcache.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-E4Z9goAN3t_xPp2Cab-p1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 29 May 2022 10:51:43 GMT
expires
Sun, 29 May 2022 10:51:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 0034
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 07:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
11095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 May 2023 07:46:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 68B0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220525&jk=1653545361207864&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 0034
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?kuzugg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 10:51:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220525&jk=1653545361207864&bg=!h4SlhMDNAAao8wy8iPM7ACkAdvg8WsS6YYQuyzbKGZBYkId9Zp2aQtfnWZxgrFeQ-oF0iKqfWdto6gIAAABBUgAAAAloAQeZArgSfV_WNDZNxHcR5Cp6L9n8A-u6koTi6Ig9aXBkz3ToD8JPreC9aU5ODgkslO04riK2d9-JSyfUka9eId7WY7WJ1ajoXlAmTxKtYsG4XE61r4p32gHUN43H0zdnxgJe7GSfJ5iXvi1ZRRQvyM3n9yaoei7B_k87s8iIRavqcNbTtyfem_tOPz4kMgz-tA2aZx_HPfIoUsE5DrDIeqOBB1q3rlei2TzAqCxsTuDmBkyH6ZNtcqRuhMuRR0fu7KP6R7qDq8Yfrvk6jCgdwX1TuhvPIhTdW6usfx42DliDU8XIWxnwwhW29YfKg4-AXRSTYtg6hSM4O9aIRd1-VVn5xD4WW8r8b0uXR2KbA2yNaDdWRWSZEz57hHdnN64T1p_kUtIPDtQq2Ih1M9JPElk5JEEqkvXa3vXb26AqEufJe7IxdKvqEzIIeTpxZIU7-uS_5JSQrSj_2qCS4SeaUWfZaUwkzjMvhzr6GeGWAIZcbv7m71phDuTTQw8O_RiGnHqjiAIsZevVZHA2W0fwpxW-qDUhiCwrXbdBAqhLMozsyOdH5mmPi8w6n7cGsJb_1lE0NF5aIX6xcV2M7REwk_GR60KSeXZtdMBOyOm3zjAfOl8-6snWufcirsA528nahtsTLUqVJ-25k5zwd985_I14PogYwXm2Kl3iL3LsQ1PmS7KhN7BeZPvwzzP49ljvMKIrsQYgAC_6UhpqsfRgZg_HK-xzVzWQGPHCitM_RjXViRielBwLPGIvFaNDCWBazqxaZNJJ5EnyMhklQPncygh01oy8oPT3CogO1mI1Fv8QCW_URIASl6oU4DeueC7Ujn8dBvG6OJU1RWyFWce6Wu35XWfiGfuseBE3-tzqkZ53WZi13TWiTvhXPaqm8rqVbciNVpPv5I4AFrEcYfBvFG-jztffURqJEfkO52w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webcache.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mafia-download.com
URL
https://mafia-download.com/sw.js

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| k object| _87a8gel59xg object| zfgformats function| setImmediate function| clearImmediate function| _vzvmheqj function| _tdtfmoyk object| adsbygoogle object| AMP function| gtag object| dataLayer object| regeneratorRuntime object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| google_tag_manager string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| sdk function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN boolean| installOnFly number| ampAdGoogleIfiCounter number| ampAdPageCorrelator boolean| ampInaboxInitialized object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| GoogleGcLKhOms

6 Cookies

Domain/Path Name / Value
.googleusercontent.com/ Name: CONSENT
Value: PENDING+727
.googleusercontent.com/ Name: _ga_RBNEBCK9MT
Value: GS1.1.1653821500.1.0.1653821500.0
.googleusercontent.com/ Name: _ga
Value: GA1.1.1828784455.1653821501
.googleusercontent.com/ Name: __gads
Value: ID=b9237ee443a72d62-22a4d6e7a1cd00b5:T=1653821500:RT=1653821500:S=ALNI_MbzM2NLkci7Na5f-NJHzV5GSc3AOg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
my.rtmark.net/ Name: ID
Value: 0d69d5063d0d4511b6ebb452130abc25

2 Console Messages

Source Level URL
Text
javascript error URL: https://webcache.googleusercontent.com/search?q=cache:slvR0QRSpbQJ:https://mafia-download.com/file/GMIsdAXTea/saltinbank-pure-privesc-techniques-ctf-cron-job-ld-preload-c-so-bypass-container-360-x-640-mp4.html%20&cd=1&hl=iw&ct=clnk&gl=il
Message:
Access to fetch at 'https://mafia-download.com/sw.js' from origin 'https://webcache.googleusercontent.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://mafia-download.com/sw.js
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
d-31926467182050088487.ampproject.net
googleads.g.doubleclick.net
mafia-download.com
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
pushmono.com
tpc.googlesyndication.com
webcache.googleusercontent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
mafia-download.com
139.45.195.8
139.45.197.250
142.250.186.66
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
096049fba7550b97562184243c86332dea94eec11d7c3867d79b7217929b70db
0ab28d87daf672d752627367bae34cee308b97b5bb725e29b6823ebc80fecadd
0eac6b5f41d0f2427f6aeda18b9665a82ded261f7bc0d009216b0231479faf5f
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
44622ad81d00376a115d53533ed61fe1e479a6e7aa36b3072765cbba0b46ec16
451331c6c8cf257d8466074218238e1ae46e522d533d3eabb24c2fbb1d9db52b
48a93117af0ebc11d2e3416569823ac502dbeac8bd056aa775146f635ec44d8d
4eba9f6f9e267cc17934021e148dd9825ceb5b73ada75e01c51d0c0b6cb42ce5
555ab5344578d8199dc2a6ae12cd9254144d887a9dbe904602b1c810aa9e82b3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b3ef717b1dd8f7bfd8d3dcbc26cdaa0f8dbf5cca22c4939f907c41aa80b6f0
69edcbb1e2908a1e8d08f6d137fceb3b1e417fa86f26fe82e28e7dcc0a5719ba
6b5e9a31f45432949caf9d1d0daba90db878a092de52ead21d87fa1d88fde7e5
6ce875c03f54b8df0cada10252c969767a29261039550d8fb401dcf218d237c9
7a9fb9c8151af1869b5a789d3b69d622e24b1464b4fdbb56de420b1dc45d797f
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8b5df96ca8e9d69d855dc5938dc8cb7452d83541c53f153f587ddd22820d4aa3
90c950139e6ebc28bddf52939001120b42f4a06925ce9d2b556eff089b6d6b3a
9b381f02c205cfd19fb20d60d82183cfc20e3859752539a08d351d5fc9136350
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a992bb5e9763101f23df0cf17b7af3c0b30d394c0eb302c844f3488260598920
ac49810369066b9508e6615d6eff44ca95c197ca9c57ef5f133f38c66d336355
c6782e68f18ac73cc34b217bed34a8427ea3b95bde41336f561c86157d05de34
ccb78ca2c969f86cf6c1e49f36fe25338c73b0e2ce2aba732c50a7a6de45ba61
d69a45fa7d8c1425f31392db641130d32246e320baec10aadeff470cd86a17f7
d983c514a98bdfcb5f004d455873122d660a7aa1ef2a7c4b0bb99f545ca833f1
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1b1a305da350bc055d16465a63764af0d8ecc55219c3e2491aa3ffeade125a7
f99b855a657f18ad1d306ad2571dba92c2ee5862faf4756e44eea8c06328563e
fa8720280e359586de5d83a5a2ddc3e8f59caee5fe7be201796f7dfa063e30ba
fc2c26b7bb7b0f813e61dc47dcc4f8d645a3619dd9cef4ddcda8727c9fbf1f0c
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881