Submitted URL: http://it.hackzl.com/
Effective URL: https://it.hackzl.com/
Submission Tags: falconsandbox
Submission: On January 26 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 11 domains to perform 142 HTTP transactions. The main IP is 2606:4700:3030::ac43:8bc5, located in United States and belongs to CLOUDFLARENET, US. The main domain is it.hackzl.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2021. Valid for: a year.
This is the only time it.hackzl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
698 KB
26 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
334 KB
22 hackzl.com
it.hackzl.com
hackzl.com
200 KB
15 google.com
cse.google.com — Cisco Umbrella Rank: 2788
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
116 KB
11 gstatic.com
fonts.gstatic.com
p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com
www.gstatic.com
81 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
224 KB
6 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 148236
132 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2853
69 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
4 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
645 B
142 11
Domain Requested by
35 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
23 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
19 hackzl.com it.hackzl.com
hackzl.com
15 pagead2.googlesyndication.com it.hackzl.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
11 www.google.com 5 redirects cse.google.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
6 cdn.zx-adnet.com it.hackzl.com
cdn.zx-adnet.com
4 mc.yandex.ru 1 redirects it.hackzl.com
4 fonts.googleapis.com it.hackzl.com
googleads.g.doubleclick.net
3 securepubads.g.doubleclick.net cdn.zx-adnet.com
securepubads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 it.hackzl.com 1 redirects it.hackzl.com
2 p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cse.google.com it.hackzl.com
142 18

This site contains links to these domains. Also see Links.

Domain
id.hackzl.com
www.facebook.com
twitter.com
www.google.com
dribbble.com
rss.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-26 -
2022-06-25
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.drivermanager.club
GTS CA 1D4
2022-01-07 -
2022-04-07
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
mc.yandex.ru
Yandex CA
2021-12-22 -
2022-06-03
5 months crt.sh
www.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.de
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh

This page contains 23 frames:

Primary Page: https://it.hackzl.com/
Frame ID: 7C6A1BFFBA9576110543B411A1E727F6
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20190131/zrt_lookup.html
Frame ID: 57333B8FCD9E2E1D5D5CD49EFCDA4681
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&adk=1812271804&adf=3025194257&lmt=1643204964&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fit.hackzl.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964647&bpp=4&bdt=466&idt=215&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4927713405458&frm=20&pv=2&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=229
Frame ID: AB074B0F80C27B7FCE0C93642BAC8B80
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Frame ID: 83B3F603103ACE6A6EED236B4A258E5C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Frame ID: 552142002766E4B3F1C83162D7652245
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Frame ID: 7938D5529D89D2A6A5765570CA891162
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Frame ID: 6EEF5AD839969BB58CF2FFAD1B0E5336
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63E5AF87A6FFA87A5192F1E7A0DD29E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E3B1D8B81A2280CAB60D3B8FA5CFFF2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8FB76215A2681CDC19F8F4DDED3527C8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: 800A7B9BB7468A30333AF49BD22AAF93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5706EB8EB368176548DA2D5C6EE23F97
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: EA5F6D073DE6E106CC43D1CCFC9F3310
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A95986A6E9F3D22A713A25AF9D54609E
Requests: 2 HTTP requests in this frame

Frame: https://p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 8BBCEDC8808C34FFE3C7187BCC2D0226
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1E24E60C1E48A0FB4E1AEB795064AE2E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Frame ID: A4A316870913BF7E62720BA27FF76234
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 50EE8BB2E9349B08DC3454468275FE74
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: F4841D8C65A4E57253C3C5354B29B90A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6D65B9647E26900F58A6AA4FD577FA68
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF16A77FD0D638D22A364FC7A953AFE6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: C82E28FED05F8C1486A55E8D7140789F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: C41ED285FFC7BD1D63F8C56DDA846F32
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Principale, January 2022

Page URL History Show full URLs

  1. http://it.hackzl.com/ HTTP 301
    https://it.hackzl.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/


Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

142
Requests

99 %
HTTPS

76 %
IPv6

11
Domains

18
Subdomains

18
IPs

3
Countries

1857 kB
Transfer

5185 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://it.hackzl.com/ HTTP 301
    https://it.hackzl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://mc.yandex.ru/watch/86364980?wmode=7&page-url=https%3A%2F%2Fit.hackzl.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod71lkz4p33%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A451671722402%3Ahid%3A804283891%3Az%3A0%3Ai%3A20220126134924%3Aet%3A1643204965%3Ac%3A1%3Arn%3A674924461%3Arqn%3A1%3Au%3A1643204965945801727%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643204964032%3Ads%3A0%2C25%2C62%2C1%2C59%2C0%2C%2C211%2C0%2C591%2C591%2C1%2C361%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643204965%3At%3APrincipale%2C%20January%202022&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/86364980/1?wmode=7&page-url=https%3A%2F%2Fit.hackzl.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod71lkz4p33%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A451671722402%3Ahid%3A804283891%3Az%3A0%3Ai%3A20220126134924%3Aet%3A1643204965%3Ac%3A1%3Arn%3A674924461%3Arqn%3A1%3Au%3A1643204965945801727%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643204964032%3Ads%3A0%2C25%2C62%2C1%2C59%2C0%2C%2C211%2C0%2C591%2C591%2C1%2C361%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643204965%3At%3APrincipale%2C%20January%202022&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 93
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 124
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 128
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 143
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

142 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
it.hackzl.com/
Redirect Chain
  • http://it.hackzl.com/
  • https://it.hackzl.com/
53 KB
11 KB
Document
General
Full URL
https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d826a37b17609fa93b85f086a4ac4c01b7d8248f136073c7d6027bf85241e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=2678400
expires
Wed, 26 Jan 2022 13:49:29 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
MISS
last-modified
Wed, 26 Jan 2022 13:49:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCEiEWpiY9c5f2d%2F3hALEcvwi420bRnQyajTbbZlEoqnRtDlh2c9PFg4MG3GAbE3fBEdx90JICfc2AjOjvttdQOrodA0J1%2BNvzqWtby9P%2F7NzBA2A29KJhNaj4GZhT%2FCFzOTK%2B90wSjBw8UB"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d3a3451cf245c20-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Wed, 26 Jan 2022 13:49:24 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 26 Jan 2022 14:49:24 GMT
Location
https://it.hackzl.com/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCYy9Xzo%2BF2ZuKLcIDQkYOFasCAmqHsQghqUYnTF%2B48ChCr2sPRwZ2FhxHheGMus%2F9HlvsjwV%2FalEqUGsiFhzWY3s6K8rzxh63j9yU0ix3SfQl%2B8hfBXWgDs04nuNzTakk8OBcIkJdez1oNE"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6d3a3451596a920e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logohackzl.png
hackzl.com/template/wp-content/uploads/sites/8/2019/03/
2 KB
3 KB
Image
General
Full URL
https://hackzl.com/template/wp-content/uploads/sites/8/2019/03/logohackzl.png
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df17ee009b985ac709b1ac86071246686a86fb3d3dcabfc0a873b1eb5e147a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66805
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2557
last-modified
Fri, 10 Jan 2020 12:39:43 GMT
server
cloudflare
etag
"9fd-59bc86b8201c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qto4pyvcf%2Fnp0PztS9VhjwHNrHhD5uk6j3lHzptMmL28hI9WYtMqwk9cjsyDXgngJnt7TDmfJa0HuqVAgPjHyrL1BdFSx%2F84Q40CEmIeWCQXniQyO8tH%2BZ9aj8vyS7sutfgT6OoyrSJQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6d3a345289865c20-FRA
expires
Thu, 24 Feb 2022 19:15:59 GMT
style.min.css
hackzl.com/template/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://hackzl.com/template/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66804
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Nov 2019 00:42:26 GMT
server
cloudflare
etag
W/"a1fb-59743c1592080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLWNTX9EsRA1JxRyIx7Xzu5ftSQCXuci8pOKR5Q7J1LimkDkOhlEb2hbSXps2fgdMd%2B%2FFj631hhF6reHRfI6%2FrNgc89yrUOKKcNiTRXZDxenzl%2BQiVRVos%2BEc1XmSe%2BLniHYkjaZjtEs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a345289845c20-FRA
expires
Thu, 24 Feb 2022 19:16:00 GMT
style.css
hackzl.com/template/wp-content/themes/enspire/
76 KB
15 KB
Stylesheet
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/style.css
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd892829285110decb2625a366997542ed83c7ad69162d96c4a190ab972e6843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66805
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 12 Jan 2022 06:10:02 GMT
server
cloudflare
etag
W/"13033-5d55c6b922280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvLuGR1MWuLfY3IIfg6ZS2eqeskqrRGLST6EE2G3MA1X3fgxqbM6wPsi1iN0TkfVuwQ3WouXk%2FlVRSZRAsyJTtWaeDysssOpwvCzTKIt5NpQroAMECeXK75WA2Ff9fqeAfVKORqO8RS2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a3452898e5c20-FRA
expires
Thu, 24 Feb 2022 19:15:59 GMT
responsive.css
hackzl.com/template/wp-content/themes/enspire/
10 KB
2 KB
Stylesheet
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/responsive.css
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf517386dcda9e8a0a4a6b09e7feb3c2d0bab76e07798c9e136dc9e29b9aac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66805
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jan 2020 13:51:00 GMT
server
cloudflare
etag
W/"27f5-59bb54c987900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHpZXxes7ezwGByDc8eJUQsL1t%2FQQeWf69MQYgpdzK6hvmFBpL14ldFS%2B7253%2BzYDyuCJqLLdkYkft90FpOHXnAZ9B%2Fyw3C0JrXknWq3eg6Xmi97ATsKEUixjeuy4WgTjX%2FmZ1biP%2FV5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a345289875c20-FRA
expires
Thu, 24 Feb 2022 19:15:59 GMT
font-awesome.min.css
hackzl.com/template/wp-content/themes/enspire/fonts/
30 KB
7 KB
Stylesheet
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/fonts/font-awesome.min.css
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddf57e62a543bde300d007228be800823ee29bb65970231de681a56b260bd63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66804
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jan 2020 13:51:00 GMT
server
cloudflare
etag
W/"78c1-59bb54c987900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7%2BDaNSZFm4dW9kDBn7hqXvMP31DPgoQPEVigWlFz4e8JT8NgMM7Br8O5edD9gGCVMuNdTe4YaHwZf5kT6H2gKlpyuW1ha0GaNeX%2BxOVt9bdz4nLInrs4tCk8HHHHbaCgAIH5gVaAYR%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a3452898a5c20-FRA
expires
Thu, 24 Feb 2022 19:16:00 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ad55e6c0c91739bb8ce02dcc429d9e441562c0eafdabcd933840e633bd7a320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 12:53:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 13:49:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 13:49:24 GMT
font-awesome.css
hackzl.com/template/wp-content/font-awesome1/css/
37 KB
8 KB
Stylesheet
General
Full URL
https://hackzl.com/template/wp-content/font-awesome1/css/font-awesome.css
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jun 2018 07:07:57 GMT
server
cloudflare
etag
W/"9226-56f720a850d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BhtmO13E0xBf%2FK%2FcTy6ig6Mbh8Ycm8xkF0RoqjClEAqw7GHIsekGQOqbbuHOp9g36YtVv9m5Ji2vJbF6jdsg67EFbCMPf21j6S%2FoJdiwSvcAoQwAiqPIOsGJsc0jHmSYupX6hhtraAu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a3452898c5c20-FRA
expires
Thu, 24 Feb 2022 16:16:26 GMT
font-awesome.min.css
hackzl.com/template/wp-content/font-awesome1/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://hackzl.com/template/wp-content/font-awesome1/css/font-awesome.min.css
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jun 2018 07:07:58 GMT
server
cloudflare
etag
W/"7918-56f720a944f80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZGuFJhoqoybsJzRkRLG75kpxw00NXxWiwiHq%2BtGZXo3JLc6zqk0kSK7qCB8FJM%2BCgPhc1ezIkhX3kzNOYjoPUvX6rSF4Xadu7F6lN1WEiofr43S0kgGgd3C4c0GnN3Ove0mU%2FZQWRU1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a3452ee4c9238-FRA
expires
Fri, 25 Feb 2022 12:04:15 GMT
rocket-loader.min.js
it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Jan 2022 15:52:06 GMT
server
cloudflare
etag
W/"61e833a6-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZX9zCY8c9PY%2BEVczpXLzhnesZkFbL57JZKHWNZqv8ksLoOl11FtiaaF8NqC3PH1B8MJiIsQyLSqIzZUSqFopPk85eeVmx85x8E92AUl4CbXhc%2B3LsJdjFOR%2Fl7q6uIceHsv5skPK5JCPcd3M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d3a345248b95c20-FRA
vary
Accept-Encoding
expires
Fri, 28 Jan 2022 13:49:24 GMT
s-right-dual-full-expand.png
hackzl.com/template/wp-content/themes/enspire/img/sidebar/
958 B
1 KB
Image
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/img/sidebar/s-right-dual-full-expand.png
Requested by
Host: hackzl.com
URL: https://hackzl.com/template/wp-content/themes/enspire/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9ff19f068e1aa0bcda4f1ec4ffed78a55680f4d1d5e803ec272b2b9575c490

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hackzl.com/template/wp-content/themes/enspire/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
958
last-modified
Mon, 11 Mar 2019 17:25:22 GMT
server
cloudflare
etag
"3be-583d4db790480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvemF8z%2BrA%2FEXqgpCTJOCfwLEAihnVBcTaEDNCegtjKUnhiroiXL4tuyJN%2F3%2FDcvaaMyDq2gcjsO9lxpPTmO36Mq3na8DT3VQVCPpNUu34gctbgigbincmW%2Bb7mD8VLvhegVvSyNJziv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6d3a34530e979238-FRA
expires
Fri, 25 Feb 2022 13:49:24 GMT
fontawesome-webfont.woff2@v=4.7.0
hackzl.com/template/wp-content/themes/enspire/fonts/
0
0
Font
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/fonts/fontawesome-webfont.woff2@v=4.7.0
Requested by
Host: hackzl.com
URL: https://hackzl.com/template/wp-content/themes/enspire/fonts/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://hackzl.com/template/wp-content/themes/enspire/fonts/font-awesome.min.css
Origin
https://it.hackzl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYYNLfdkDVoD1c5dm9Yb1t7CaHmRLbXWTyAz9bB%2B4%2F9Ot92NvA3QFSX9F9INDJsH0TpBm4l6uW2HqC40MjHIRmkRA1SNMMDfRfFx2hjcQiTdLDH0jsJnBoZHfOaQIj%2Fvi4IARNmDMU8D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a3453490a8fdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
hackzl.com/template/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://hackzl.com/template/wp-includes/js/wp-embed.min.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Nov 2019 00:42:26 GMT
server
cloudflare
etag
W/"577-59743c1592080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78kXH7aK6sxiqGK05ob%2FVIXeht6d%2B4rF30EFtc9KxQPOwHyCxnBqPW4LCWtyVY8venlgNzu4HKZFUmaPuLyLXe3igLVBGz1F%2BQkXtHQ%2FihFlBpMljRIizwAEDFAxd0slHxUEHhWNYrcP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34537fb39238-FRA
expires
Fri, 25 Feb 2022 12:04:15 GMT
scripts.js
hackzl.com/template/wp-content/themes/enspire/js/
4 KB
2 KB
Script
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/js/scripts.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1916023634831d5e14400f23063f9979175c10023cf8f4c04c36295ddd77f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Mar 2019 17:25:22 GMT
server
cloudflare
etag
W/"112d-583d4db790480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HenzJOv5oBhk2Xd9JJGAK56HpZFFmTRfGEH3i1CROoJsXInMLBJslIrqH4BilFWWZC88SUOB18n8tYR3rRAGNwFPxWdjtQG8s6X626LnW0qP7GqfQO73Oie0pX%2BFihPc6PJVmhRIDiK7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34537fb69238-FRA
expires
Fri, 25 Feb 2022 12:04:16 GMT
owl.carousel.min.js
hackzl.com/template/wp-content/themes/enspire/js/
23 KB
7 KB
Script
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/js/owl.carousel.min.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Mar 2019 17:25:22 GMT
server
cloudflare
etag
W/"5d80-583d4db790480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S05%2BJ43JASGBF6DrMIffqAfmj7rSICD5G3ojOzEWNc%2BU22sKg9Yb2pag6aU6HPK7Wd2%2FKQ7aApluzZswz8h7MuzF2QuNx7yDLuipS0zxUq6C8hOWiVCf0Pcc3zSyIsSd7tcCWr8CbgCz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34537fb89238-FRA
expires
Fri, 25 Feb 2022 12:04:16 GMT
jquery.fitvids.js
hackzl.com/template/wp-content/themes/enspire/js/
3 KB
2 KB
Script
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/js/jquery.fitvids.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Mar 2019 17:25:22 GMT
server
cloudflare
etag
W/"ce7-583d4db790480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3u%2FCBsNYEqNcL1EjplRFLyBpFvDo4ECGENDHEHyMF7zhWWOCT5rMRaUti9sznb20rCjOf644JFN7WyzXVGzUgbLM5hOGY%2FH6qpGKfdxkyU2TwrmafgmqMYQg3dUF8nDwbn4o0e0xRQU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34537fb99238-FRA
expires
Fri, 25 Feb 2022 12:04:15 GMT
jquery.flexslider.min.js
hackzl.com/template/wp-content/themes/enspire/js/
17 KB
6 KB
Script
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/js/jquery.flexslider.min.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3dce99e558cff8cbd5f975a0a8682e79de9fc5946878229035cf75e09b51215

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Mar 2019 17:25:22 GMT
server
cloudflare
etag
W/"423f-583d4db790480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njp%2B5%2FxzF3mmA4Fml%2BzXNymSf%2BeSlWHc6ZMJh10Pg9nEtaJAIUcHf1Z5Of9aLrScpoSH48P37%2BHIqjpE5Cc0K8bDue0g3fZg86Zqto9vwyZxz9mb%2BNCWYaXMICOTE1gcyrqvaDMKvvRH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34537fbc9238-FRA
expires
Fri, 25 Feb 2022 12:04:15 GMT
jquery-migrate.min.js
hackzl.com/template/wp-includes/js/jquery/
10 KB
5 KB
Script
General
Full URL
https://hackzl.com/template/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 20 May 2016 09:41:28 GMT
server
cloudflare
etag
W/"2748-53342e5188200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGEaeL0kDqnYg1FrSHZ2gnywd1o3sblM63Bi4f1rr1U1QOeVfNUvOVg79FZEaxIEkzorRscoN04sYX3AeHrGnNBKBijtqtqSaUgLC4T9Qau1O5zThWR9QCrJOAeVYUQvWz6Qz8es4XIK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34537fbe9238-FRA
expires
Fri, 25 Feb 2022 12:04:15 GMT
jquery.js
hackzl.com/template/wp-includes/js/jquery/
95 KB
35 KB
Script
General
Full URL
https://hackzl.com/template/wp-includes/js/jquery/jquery.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 May 2019 21:56:10 GMT
server
cloudflare
etag
W/"17a69-5896ceaa97280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn%2BUrRlnXfbT8M1YP8LY%2Bxueq%2F0TZxGFGUz2ZGbTVR3jrixFcGWKfJDDaKHcdliNEN76WZj%2FiyZG5uHvYtnNo%2FMNX4g%2FKWk%2F44QKYdSpjkI8b6c%2FQjWcdNiif%2F0klPtvnMj6pSi3PVHX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34537fbf9238-FRA
expires
Fri, 25 Feb 2022 12:04:15 GMT
skdd_19091901.js
cdn.zx-adnet.com/adx/
145 KB
19 KB
Script
General
Full URL
https://cdn.zx-adnet.com/adx/skdd_19091901.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27256333926c5856d23af79adcbf57ae6a1d2f79771ab1d18618b9db0019ed08
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sat, 22 Jan 2022 14:22:51 GMT
x-timer
S1643204964.423883,VS0,VE1
etag
"ce6c08a9bee3d37b09a906dd8743f73e6f25fef652dc49aab8900c01a1c30a20-br"
x-served-by
cache-hhn4069-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Wed, 26 Jan 2022 13:49:24 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19468
x-cache-hits
1
cse.js
cse.google.com/
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=2e476a8cbc55c9e15
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
2cdce6185ce6c45959bbeee0c3258a58ad024bdbe19b9a0e0feda83174d8b7d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3434
x-xss-protection
0
server
gws
expires
Wed, 26 Jan 2022 13:49:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31ddb3a6b73aeb9af87202b06918ec409f79b0c070c9d7f3ffff01fd050e7823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52514
x-xss-protection
0
server
cafe
etag
8834536479742354344
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Jan 2022 13:49:24 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://it.hackzl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 04:33:53 GMT
x-content-type-options
nosniff
age
465331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15604
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 04:33:53 GMT
fontawesome-webfont.woff2
hackzl.com/template/wp-content/font-awesome1/fonts/
75 KB
76 KB
Font
General
Full URL
https://hackzl.com/template/wp-content/font-awesome1/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: hackzl.com
URL: https://hackzl.com/template/wp-content/font-awesome1/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://hackzl.com/template/wp-content/font-awesome1/css/font-awesome.css
Origin
https://it.hackzl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jun 2018 07:07:54 GMT
server
cloudflare
etag
"12d68-56f720a574680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0I8SEmrv9S%2FM%2BO6HGr%2B1sAosTC%2BgvGI9y93Cbqs8W67KoZhjB8NvYi6%2FzloRpfqY4pOwZXyveBC2SwlnxdkXEWgiR%2F6r0bLqjoMMEHXIScZMc%2FRX50RfFN3C3t4Nk2SbDDiF9sLwCTH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6d3a345389af8fdd-FRA
expires
Wed, 26 Jan 2022 13:49:29 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://it.hackzl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 17:55:21 GMT
x-content-type-options
nosniff
age
158043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 17:55:21 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://it.hackzl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:17:54 GMT
x-content-type-options
nosniff
age
84690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 14:17:54 GMT
fontawesome-webfont.woff@v=4.7.0
hackzl.com/template/wp-content/themes/enspire/fonts/
0
0
Font
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/fonts/fontawesome-webfont.woff@v=4.7.0
Requested by
Host: hackzl.com
URL: https://hackzl.com/template/wp-content/themes/enspire/fonts/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://hackzl.com/template/wp-content/themes/enspire/fonts/font-awesome.min.css
Origin
https://it.hackzl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPCP8up16rRNtdVxMkwivy1cSnhZOadh2bCaj3XO1CeOJ0%2Fgje6shkTTMQH%2BhXecGSYIOvenxzdo%2FUnhHYj724iMgz%2F1KVzQZnmybtHsjjCQ59zcC507Ek0WrnZEtVKIwF1Pe9wFNTEp"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34541b148fdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fontawesome-webfont.ttf@v=4.7.0
hackzl.com/template/wp-content/themes/enspire/fonts/
0
0
Font
General
Full URL
https://hackzl.com/template/wp-content/themes/enspire/fonts/fontawesome-webfont.ttf@v=4.7.0
Requested by
Host: hackzl.com
URL: https://hackzl.com/template/wp-content/themes/enspire/fonts/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://hackzl.com/template/wp-content/themes/enspire/fonts/font-awesome.min.css
Origin
https://it.hackzl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b8u6QiQui%2FlBivAz66zVjcvQSHyAGlY72ixEdQuXf%2FFmDcIei98J71FRVSRznrz0RsO%2FwU9x708PwQHw86sVbLZzbs4U1WkEfXOqL8NbUVmwBAT5F8oa2YYYYyAf60E2sPejcrUE1DG"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
6d3a34549c3b8fdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookies_gdpr.js
cdn.zx-adnet.com/consent/
34 KB
9 KB
Script
General
Full URL
https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8785875073326825
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sat, 22 Jan 2022 14:22:51 GMT
x-timer
S1643204965.630097,VS0,VE158
etag
"e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
x-served-by
cache-hhn4069-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
no-cache
date
Wed, 26 Jan 2022 13:49:24 GMT
accept-ranges
bytes
x-cache-hits
0
tag.js
mc.yandex.ru/metrika/
196 KB
67 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
14f8ba90ae55f120df9ad242a6dcb942e7e10215cf98e146b14b749b0f397bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 09:25:59 GMT
etag
"61f113a7-10a61"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
68193
expires
Wed, 26 Jan 2022 14:49:24 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/
284 KB
102 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
879695be8b29947d7bb905b40073624bd52be4716676c1545529d61f38dd6d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104673
x-xss-protection
0
server
cafe
etag
1030829256815589132
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Jan 2022 13:49:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220120/r20190131/ Frame 5733
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220120/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Wed, 26 Jan 2022 06:48:47 GMT
expires
Wed, 09 Feb 2022 06:48:47 GMT
cache-control
public, max-age=1209600
age
25237
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cse_element__de.js
www.google.com/cse/static/element/ff97a008b4153450/
301 KB
100 KB
Script
General
Full URL
https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=2e476a8cbc55c9e15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
234d09380fb6381bad3b8bf8d46c8ff4d63ddd604b823356e58199c688ac2e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 17:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102218
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 15:35:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 24 Jan 2023 17:19:27 GMT
default+de.css
www.google.com/cse/static/element/ff97a008b4153450/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/ff97a008b4153450/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=2e476a8cbc55c9e15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 17:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 15:35:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 24 Jan 2023 17:19:27 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=2e476a8cbc55c9e15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 26 Jan 2022 14:11:15 GMT
abs.js
cdn.zx-adnet.com/adx/
220 B
222 B
Script
General
Full URL
https://cdn.zx-adnet.com/adx/abs.js?0.6737338899319505
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/skdd_19091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sat, 22 Jan 2022 14:22:51 GMT
x-timer
S1643204965.665850,VS0,VE126
etag
"5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by
cache-hhn4069-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Wed, 26 Jan 2022 13:49:24 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
107
x-cache-hits
0
1
mc.yandex.ru/watch/86364980/
Redirect Chain
  • https://mc.yandex.ru/watch/86364980?wmode=7&page-url=https%3A%2F%2Fit.hackzl.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod71lkz4p33%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
  • https://mc.yandex.ru/watch/86364980/1?wmode=7&page-url=https%3A%2F%2Fit.hackzl.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod71lkz4p33%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.ru/watch/86364980/1?wmode=7&page-url=https%3A%2F%2Fit.hackzl.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod71lkz4p33%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A451671722402%3Ahid%3A804283891%3Az%3A0%3Ai%3A20220126134924%3Aet%3A1643204965%3Ac%3A1%3Arn%3A674924461%3Arqn%3A1%3Au%3A1643204965945801727%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643204964032%3Ads%3A0%2C25%2C62%2C1%2C59%2C0%2C%2C211%2C0%2C591%2C591%2C1%2C361%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643204965%3At%3APrincipale%2C%20January%202022&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
01fd40f8e8b5e924546fcacf48ab20bb3c602fa6b15c93058973a0360b60ca28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:49:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 26-Jan-2022 13:49:24 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://it.hackzl.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Wed, 26-Jan-2022 13:49:24 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:49:24 GMT
last-modified
Wed, 26-Jan-2022 13:49:24 GMT
location
/watch/86364980/1?wmode=7&page-url=https%3A%2F%2Fit.hackzl.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod71lkz4p33%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A451671722402%3Ahid%3A804283891%3Az%3A0%3Ai%3A20220126134924%3Aet%3A1643204965%3Ac%3A1%3Arn%3A674924461%3Arqn%3A1%3Au%3A1643204965945801727%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643204964032%3Ads%3A0%2C25%2C62%2C1%2C59%2C0%2C%2C211%2C0%2C591%2C591%2C1%2C361%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643204965%3At%3APrincipale%2C%20January%202022&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://it.hackzl.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 26-Jan-2022 13:49:24 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
last-modified
Wed, 26 Jan 2022 12:25:59 GMT
etag
"61f113a7-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 26 Jan 2022 14:49:24 GMT
sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/
341 KB
66 KB
Script
General
Full URL
https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8785875073326825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sat, 22 Jan 2022 14:22:51 GMT
x-timer
S1643204965.849310,VS0,VE0
etag
"903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by
cache-hhn4069-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Wed, 26 Jan 2022 13:49:24 GMT
accept-ranges
bytes
content-length
67057
x-cache-hits
2
checkabuse
cdn.zx-adnet.com/
56 B
371 B
Script
General
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fit.hackzl.com%2F
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.6737338899319505
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-cache
MISS
content-length
65
x-served-by
cache-hhn4069-HHN
server
Google Frontend
x-timer
S1643204965.849503,VS0,VE154
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
9fd40758d30ef86e501642b3602d1741
cache-control
max-age=3600,public
function-execution-id
mq0oz0npvkec
accept-ranges
bytes
x-orig-accept-language
de-DE,de;q=0.9
x-country-code
DE
x-cache-hits
0
cookie.js
partner.googleadservices.com/gampad/
214 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=it.hackzl.com&callback=_gfp_s_&client=ca-pub-3322491651172602
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3a127f799887e76c114fdc21659a16694caeab7b46cabd643ca6bc8563fce4c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=it.hackzl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=it.hackzl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fit.hackzl.com%2F&tn=HEADER&id=header&cls=group&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:49:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AB07
230 KB
55 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&adk=1812271804&adf=3025194257&lmt=1643204964&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fit.hackzl.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964647&bpp=4&bdt=466&idt=215&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4927713405458&frm=20&pv=2&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33713134d5dc29e15e088931c0b9c8d7dbbaf0c124bfff47d510c7e47545f2d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
56468
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57f6c6de8e08356faeca1b8c52f433fbf59087c36455ee8c8ca883b0c601dede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8885
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 83B3
69 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fabe83b907db78170f1372d2697ec85b934ec6c11e7705a6df3296c7b81d5557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
27306
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5521
100 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f94f95412385fcb827b533c005466f71b0ad2f6ec0f1b715df97242315a5025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
31685
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private
ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/
230 KB
37 KB
Script
General
Full URL
https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sat, 22 Jan 2022 14:22:51 GMT
x-timer
S1643204965.971186,VS0,VE2
etag
"dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by
cache-hhn4069-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Wed, 26 Jan 2022 13:49:24 GMT
accept-ranges
bytes
content-length
37832
x-cache-hits
1
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jan 2022 13:49:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/skdd_19091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
0d20921d3495b1d2c456ebde74dd61f180c7e849c78b0ddfa8357b83d517849a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27061
x-xss-protection
0
server
sffe
etag
"1113 / 256 of 1000 / last-modified: 1643198680"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Jan 2022 13:49:25 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=it.hackzl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=it.hackzl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7938
97 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d48bdd64c17df14172cc79396cf7ad20c2b0f09afb8e03d0064f4146cc119f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
31283
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6EEF
94 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
838f63730452ed72839c2faecdfe0806447739a5046d104182c034c07cf85998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
30349
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/
352 KB
118 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Jan 2023 13:29:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
32 B
72 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=it.hackzl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
75acf5613dfd94067dbfa7f0724cc378d959b5b2ac164432a876c0348ae5bb68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48
x-xss-protection
0
expires
Wed, 26 Jan 2022 13:49:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63E5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 26 Jan 2022 13:23:52 GMT
expires
Thu, 26 Jan 2023 13:23:52 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4E3B
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
10f8e22a94959ef8d01c4de92c0c325b59580d0061c2e8b6d4d73589b0963651
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PU3m75AbKXYbn3nc5GBu6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 26 Jan 2022 13:49:25 GMT
date
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PU3m75AbKXYbn3nc5GBu6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame 63E5
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 07:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
21231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 07:55:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4E3B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220120&jk=2744283142389354&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

7292426673613177572
tpc.googlesyndication.com/simgad/ Frame 83B3
138 KB
138 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7292426673613177572
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87e6edd97dfa54e7fd22a33421c1159a60cc624e409c0d5f4e2e7b7ec0df5efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 07:01:16 GMT
x-content-type-options
nosniff
age
370089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140888
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 15:05:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 22 Jan 2023 07:01:16 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 83B3
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:33:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 83B3
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:48:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 83B3
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:24:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 83B3
122 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643027698847572"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jan 2022 13:49:25 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 83B3
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 21:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 21:39:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 83B3
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ctb1DZFHxYZnuOsOKiQbb67aYCpfW_YRo7s3owPAO0oTPiZcOEAEg2LPUcWCV4pCCoAegAerribsDyAEDqAMByAPJBKoE0gFP0McV1LGlrW4P4lh9icTsyyJplsvYG46TGDjp0KoQZsRoFRD7zcGi3GFXZ7b1vkhAUfK4pUhrWiyOYZ2DERJ1zkybNmjdvDZVbD68yGFgey_zYGqXX4N4tEnRYwxKXWqiTVFWIcy_sFUfYwQqvfLoIoqr9gyoUUK8GmNrMuWgt9kRnk0_636EQCnFykXTrg0ge7BhggYHKSi4aX2Z7V8N6XaMq--v95dzUByvuyFoTHw-rRVouAxydfIsa-OIj_sP2Mw4wobJsWUpxzGeHWLgrIfABIGeoM7dA5IFBAgEGAGSBQQIBRgEoAYDgAf-k_ZEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ6KsH0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTMzMjI0OTE2NTExNzI2MDIYAA&sigh=Sb0fwiS14Tk&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 26 Jan 2022 13:49:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Jan 2022 13:49:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8FB7
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 26 Jan 2022 13:03:51 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 63E5
0
0

truncated
/ Frame 83B3
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8db1a3ecadac9d9d979f38429313c7dddcefd95fb1baeb1a642305e5291dbbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220120&jk=2744283142389354&bg=!MjGlMXXNAAZ_DxPPfw87ACkAdvg8Wrh6jShh5y51buzCVr-LZnr7J3l6F7o8dw6L7Gsfy8E9EH7USQIAAABuUgAAAAJoAQcKAGw8NEUBmJJTXisGuyxHEZPnm104IZsrmi7azsJ5wAUp4yrkW0aNn7qeCrza9VzI3OiZcjQWi4rEVTJ-rXaFsqp8U4LCPmZgIu-Acs9VVBd1pSxsuYx2QemV_PLpFji6fD_3f3zJ0LK9sIW6LbGZArfkmNly5Ka_dVsbCVqayKm8COB66bu_Um2du4r2aatLfYR1QLrW1mVPnDCrfoFA7blP2_8gG8NtCdrIawFnpEUlPPTbKa9XY6cq8-JvDsXI6vMLno6A2e8XtIMaDJFCTWrSSaY58HfhWs-uIrcaYtToHz-Ehs_gvPdDcsCA4tI4O9Se5JYqGKiul4Yn1T__jT0rpJm_IQCpGgHhAJ2eaG9Rg67uw_OxriptY_kbhtDzAUwkNSGrltPHULN53rA3hmav5wWv4KJ65UchH79KdkhjmFwSDP3qcF12rdxbLAyUDAk3Q72A71SMaWOd9peHyS5nYHd7HiiT6lGgFnFd9rXkG5jKRCz2Z8I7MEjOc4Ct4ApxJNi9i3IRjjsw1Uco2762SuAOxnfC98PVVt7HgvCYAm76FPQ0SpLzoTFRRJQeQdmp7Ht35EJOV8Ync9PerHMul0UYr_CaMoI3pF9fakwffgkLpX71fNhGSs0MjqTAsv7hvAVf2EzQnKCQVoV0Y1fFq-0LLNfFwiF5__eFMhiHStvkbjR4FHdaRqOcZopPGcePpC25FQjXNrVV9V7t4HPECoBeaMI5itt_5H2G430sqtvM2z0-uEBbP8ElHoaHasAMLAJdSQ1bI4YkJEJRNwwYywba27_JsvRu5qI2712w3FaFWFGuZStPJ9Z0GvTPdgyUGmePVbHiuY8oxkqgDJd-AWwZMUP3QWVw80m53XSVfkTmgSvHCWTDFTcdMigbkYOTIo3wmb3X1ddsiQyjNZFjMaBHOy1rJJ2XLEaV4tfoH4TVpxv2K0fClTP_kC-QyTq8_xxXbR6qLfoSi0FgoGMWkWr8_1j3_U4oijsI16WjI2YBu8pFxaIC1xRGvVDCXbJujgHmksmDPuUUyjs5eR8uUroEe41bPm_Rj_yZOGqLC_Hkbanhsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:49:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8FB7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame 800A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=4219723477&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964662&bpp=3&bdt=481&idt=223&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nYYM7NkWKB&p=https%3A//it.hackzl.com&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 07:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
21231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 07:55:34 GMT
16085597416699857073
tpc.googlesyndication.com/simgad/ Frame 5521
24 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16085597416699857073?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkcCoYRbrdEv4-Nw0pZw4NGAhjAdQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac0d6cb23062a990e1e04348b4fd110886b43cc370fc06978c85e1ae91a78c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 06:15:02 GMT
x-content-type-options
nosniff
age
200063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25078
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 21:26:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Jan 2023 06:15:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 5521
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:33:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5521
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDVGRZFHxYeaEO_ixiQbkp6FAvN2i4WfEhPP0sw_C4eLokw4QASDYs9RxYJXikIKgB6AB8Pm8igPIAQKoAwHIA8kEqgTJAU_QWz85ePxZUTnlLm7obfy9pjJLS5C7WbW8ZoOW3susVyml_VX92Fs5RZnFcocq0oX4lTaNrx-rZ1cvtkYYdAcXJ2ZiDAHMq_mgaHbdcpSAXv9aQtnu_YTbHRUvNFlF8tkJde4y4NEDn73UA_MPVrH-s3Zb3VHZItw97Z5GBfrvg3yLRimr1-olu4SlMXtVH-w3mpcAtbs3nBJ3tP2xy2VTci3qrdqBULXMLsP3iZUnmHc3NAhGyhOPt3LShXsl5rqPkZCx2TlZzcAEqLiJz-0DkgUECAQYAZIFBAgFGASgBgKAB_iFw3WoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCi1AbSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzMyMjQ5MTY1MTE3MjYwMhgA&sigh=DQiHqmOM6gM&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 26 Jan 2022 13:49:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 5521
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:48:15 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 5521
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:14:59 GMT
x-content-type-options
nosniff
server
cafe
age
70466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Wed, 26 Jan 2022 18:14:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5521
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643027698847572"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jan 2022 13:49:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 5521
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:24:12 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 5521
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 21:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 21:39:30 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5706
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 26 Jan 2022 13:03:51 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5521
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
847d977f5deee77494aa6c763ff6426ffe9662f859fc26a64adae038cd113999

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/
150 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/reactive_library_fy2019.js?bust=31064219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e30ec67e101a90f93327db3756d91d3ca622eefadadf3388cc33c0b4a755de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54792
x-xss-protection
0
server
cafe
etag
16978633003394132997
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jan 2022 13:49:25 GMT
17610668041843247088
tpc.googlesyndication.com/daca_images/simgad/ Frame 7938
48 KB
48 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17610668041843247088
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbf9af14baa91cebfa7dc523a0b459787e7f5d858779f301972e5d71d23a2842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:31:26 GMT
x-content-type-options
nosniff
age
188279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48991
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 20:13:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Jan 2023 09:31:26 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 7938
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:33:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7938
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CxHaaZVHxYbuKCobgZ8XtoZgHkYqm7Wetju33jw-Wgs2FiBYQASDYs9RxYJXikIKgB6ABgoGViAPIAQKpAnSUnHdG2nM-qAMByAPJBKoEygFP0GM5gQu_Jembi2Bx9zJi3ZA76SqyD67apT7FgHaXl_6LoocjML3S50PK1STYuMrZwraK7nnScXtsSWHfDoReN40iaBJ27cq3ap4cfHm8HWo5AbZcEKlJdhAhXI-5X9yXeDUSp4u6lhLD8cibpCxjSIQq8daPQJtFtg-dcylGqV8yAzZmDYcyo1MoJkw0_Z4jVKZ11f273Io7mfxRMzi5oreDiypiErZ7etpvj-BPwo4oif8837CpbImwG0g6wyC18jaMsHSRWtU1wASRt7Xy8AOSBQQIBBgBkgUECAUYBKAGAoAH5v7qd6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJPwAtIICQiI4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMzIyNDkxNjUxMTcyNjAyGAA&sigh=F4jev7YEzVc&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 26 Jan 2022 13:49:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 7938
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:48:15 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 7938
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:14:59 GMT
x-content-type-options
nosniff
server
cafe
age
70466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Wed, 26 Jan 2022 18:14:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7938
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643027698847572"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jan 2022 13:49:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 7938
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:24:12 GMT
l
www.google.com/ads/measurement/ Frame 7938
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4S2r9aMbQQhcwM5VyJ49NduPR66cPOiocfuiA33CKPCd7lfVAsptzJqfCgbCVq_uaFBm_B9vlbhMFSTx9VaKOKeB9BA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 7938
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 21:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 21:39:30 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5706
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:25 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:25 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame EA5F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=200453717&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964665&bpp=1&bdt=483&idt=231&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=evohZ4bSBV&p=https%3A//it.hackzl.com&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 07:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
21231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 07:55:34 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A959
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 26 Jan 2022 13:03:51 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 8BBC
247 B
961 B
Document
General
Full URL
https://p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
75217f4e21a1d59608b5b1244a7654712549dafb65ca6be3452fd95a6f1cc251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-lc5EGh3lb1OwNgyLNA3PYw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
203
date
Wed, 26 Jan 2022 13:49:25 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=it.hackzl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=it.hackzl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/ Frame 1E24
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Wed, 26 Jan 2022 11:35:19 GMT
expires
Wed, 09 Feb 2022 11:35:19 GMT
cache-control
public, max-age=1209600
age
8046
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/ Frame A4A3
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3322491651172602&plah=it.hackzl.com&bust=31064219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://it.hackzl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Wed, 26 Jan 2022 11:35:19 GMT
expires
Wed, 09 Feb 2022 11:35:19 GMT
cache-control
public, max-age=1209600
age
8046
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7938
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c3ec0a1f941e6f5dbd2f2f9f887eba43cd926e0d10fc5bb35db02673ae461a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
10826544509272981773
tpc.googlesyndication.com/simgad/ Frame 6EEF
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10826544509272981773?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm9vkla2h8toqlDh0_cAEjfhtNdVg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
603307c1ce28fbca598fc41a70a57f29ca95c7c850c016367d40837248e1885a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 23:12:38 GMT
x-content-type-options
nosniff
age
139007
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33846
x-xss-protection
0
last-modified
Fri, 26 Mar 2021 14:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Jan 2023 23:12:38 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 6EEF
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:33:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 6EEF
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:48:15 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 6EEF
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:14:59 GMT
x-content-type-options
nosniff
server
cafe
age
70466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Wed, 26 Jan 2022 18:14:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6EEF
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdYTEZVHxYY28CtqMiQbT2rfQC5j708ZjoNjnzK0Ns6u_tZAOEAEg2LPUcWCV4pCCoAegAdXphssDyAECqQLvKd89PX6QPqgDAcgDyQSqBMYBT9AUk8hTs6VoKSPC-7-_5EZeXOGE6MNUISoscLAx3EdFf20Dj6nIPKTcwMf56G1frQvSe92wM6_uIlzQUx_HVuOry3YHmzOofj8OVqvf9h0VHKFLag23SLuuJomWpN8eh8HwK3MAFfssLC-4PC74gpw2BZwdlhJwKjzr9jiePZZzer5ZUiIfFi1p1z2B6ZNkWojNs0j03n859xIW3EFYWDTvEFC7tEMpD75Y2Vjmz19_CbWYlxSAkVhggcyAD7VXH88EVRNywAS6qbyPrQOSBQQIBBgBkgUECAUYBKAGAoAHk5b5NKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJK-BNIICQiI4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMzIyNDkxNjUxMTcyNjAyGAA&sigh=HSBqn8NkklM&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 26 Jan 2022 13:49:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EEF
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643027698847572"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jan 2022 13:49:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 6EEF
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:24:12 GMT
l
www.google.com/ads/measurement/ Frame 6EEF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTL8aDedQtl5MDS6EuAI3hkMjDhj6U5WE8NlnBiv6XXFA0Vzd46eRN6Zx9awqVr9k9mtvjxEvaKCnm8ZMLIQ4I0_nvR8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 6EEF
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 21:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 21:39:30 GMT
css2
fonts.googleapis.com/ Frame 1E24
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 12:25:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 13:49:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 13:49:26 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1E24
205 B
296 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 20:41:08 GMT
x-content-type-options
nosniff
age
234498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Jan 2023 20:41:08 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1E24
604 B
920 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:25:06 GMT
x-content-type-options
nosniff
age
156260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 24 Jan 2023 18:25:06 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/ Frame 1E24
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
server
cafe
etag
11153116566150069083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:47:45 GMT
4f0fd669188cad1c7ccc61140507409e.js
www.gstatic.com/mysidia/ Frame A4A3
8 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4f0fd669188cad1c7ccc61140507409e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6d254d04b4d7ed36b0cc3c11fbc46d4cf376428a1a110bb7e0617a3034ff64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 15:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3356
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 01:20:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Apr 2022 15:42:15 GMT
6c2d6b1206f3d1fe21ef2c83ec0fd504.js
www.gstatic.com/mysidia/ Frame A4A3
8 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6c2d6b1206f3d1fe21ef2c83ec0fd504.js?tag=text/vanilla_highlight_sizing_fix
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f464b353ea31f3c703986ea74b4578e04b7d5c0ab28f46db9895890afeec2309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3844
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 20:41:41 GMT
css
fonts.googleapis.com/ Frame A4A3
8 KB
888 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 12:22:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 13:49:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 13:49:26 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame A4A3
1 KB
882 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:42:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame A4A3
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:33:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame A4A3
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:48:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A4A3
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643027698847572"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jan 2022 13:49:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame A4A3
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:24:12 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame A4A3
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 01:20:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 00:35:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A959
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 50EE
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 26 Jan 2022 13:03:51 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 8BBC
4 KB
2 KB
Document
General
Full URL
https://p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
c3f1c6dd83b5efafc135a540534aad6e40f2c0677405d60aec5083f3efcd0b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-WKlSqVaHW1Vf5AWQpYHv7w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1863
date
Wed, 26 Jan 2022 13:49:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6EEF
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ee86e7be616a1783e8260227d357e0d52ba152fe20962e4cd2854e1d7d229ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 50EE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame F484
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=3905652070&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=329&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=3123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KC4mnf2dhz&p=https%3A//it.hackzl.com&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 07:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
21232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 07:55:34 GMT
css
fonts.googleapis.com/ Frame 6D65
8 KB
888 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 12:26:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 13:49:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 13:49:26 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 6D65
1 KB
883 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:42:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 6D65
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:33:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 6D65
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:48:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D65
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643027698847572"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jan 2022 13:49:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 6D65
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 13:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:24:12 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 6D65
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 01:20:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 00:35:42 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12760002408031070293/ Frame A4A3
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12760002408031070293/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abcf3d293f1af2c85f4cff3f5534e852dd27067ec5e0314a55c36edd3b650b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:11:46 GMT
x-content-type-options
nosniff
age
106660
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1467
x-xss-protection
0
last-modified
Fri, 18 Jun 2021 07:29:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Jan 2023 08:11:46 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A4A3
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkNHNZFHxYeySOqSP7_UPkseUmAOZ6Mf1Z8mjidmEDq2Y0M2ABxABINiz1HFgleKQgqAHoAHp0s_HA8gBAakCIqhNx5fvsj6oAwGqBNoBT9DTI7N1cipC23AdEebCm8n5iBqSUPdJ1ntOxx4ZMuTd3LSMbV8qvfXgEmun8lNoh9HxNSkoysS1sENyB2BtIbFdPdIkATDiF22OhYBZ8vbgF5LYLAfYqvrgP7t2HXFqAk0-yvR59xBo4LND06o-admv3k2WpERC9J_DhlX3QWlr6v4pJzmyjrzuk8dps3nDpa5HfhoAoaFiwlH41_3ZZARpdX3E7j3ZasyI_HRP_Qxux0xmkdMLAbavWNr6QD7DJzMvgervO4ax9OYnT6KYnoE_dRbNoKpYjqvABM6hh8bbA5IFBAgEGAGSBQQIBRgEgAf_rLA4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQxdsJ0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTMzMjI0OTE2NTExNzI2MDIYAA&sigh=2cIv-mzGCgE&uach_m=[UACH]&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 26 Jan 2022 13:49:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame CF16
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 26 Jan 2022 13:03:51 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A4A3
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2c2654a0f3644d09fb8bbab08c611888f37116e105f18cbc3e267042646b86f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame C82E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: it.hackzl.com
URL: https://it.hackzl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 07:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
21232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 07:55:34 GMT
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame C41E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3322491651172602&output=html&h=280&slotname=5827243226&adk=1388195251&adf=1075004747&pi=t.ma~as.5827243226&w=340&fwrn=4&fwrnh=100&lmt=1643204964&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fit.hackzl.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643204964667&bpp=1&bdt=486&idt=314&shv=r20220120&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db649b881b3cabb38-22477e6c29cd00c5%3AT%3D1643204964%3ART%3D1643204964%3AS%3DALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw&prev_fmts=0x0%2C340x280%2C340x280&nras=1&correlator=4927713405458&frm=20&pv=1&ga_vid=2084393496.1643204965&ga_sid=1643204965&ga_hid=1777938679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=4302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740%2C31064219%2C31063222&oid=2&pvsid=2744283142389354&pem=419&tmod=1975999468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mSPnbhAo5o&p=https%3A//it.hackzl.com&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 07:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
21232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 07:55:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CF16
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Jan 2022 13:49:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 26 Jan 2022 13:49:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 83B3
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNiM78v3f1P5KOQcjPVqWe3w6xOUQc2Ir5PlX8Fp-27lxyPkWvpCleLbRapT3WFZ3OZWqpweZZ374Ang175z--rNcznDp1Mh1kRYozhSBNqXz68RtmcA&sai=AMfl-YS_ojjdKwjDAPutmRcFaL6ypjxMAeVZVOHcq6ff2YEk-2hFuBSjkUr-NoCMqX2fWHQpUK-aGJqgDoIp&sig=Cg0ArKJSzH-LYsDzpFhCEAE&id=lidar2&mcvt=1000&p=0,2,280,338&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1388195251&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643204964892&rpt=695&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:49:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A4A3
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVOiTnxMuiALiAC1ccPE-AYwaI0ty5jqm9zsoroDmPZCwcM3V_ZJ39YZAmxBrVCUOyw8Iavh73jY8eao4IhLKxJKH9WuOpVRczSgb2ZQ-TsrU74uEjgg&sai=AMfl-YRN1wJU74ddrAcP5Todf2okAC8IkVmOHQ20ccdJ9irqshBQ8MFlwiRG5SQpbOUaPMlwn6aaS1s0a3BT&sig=Cg0ArKJSzETb2J_WcjBMEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=86,770,1000,1000,1000&tos=86,684,230,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643204965835&rpt=397&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 13:49:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?PJb8qQ

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| __cfQR object| zxConsentParams object| t object| e function| ym object| google_js_reporting_queue number| google_srt object| googletag object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| __gcse object| _0x4b33 number| zxadflg_rich_stat boolean| cs_flg string| zxmngname_ext string| yamId string| zx_domaine_ext string| zxadblockmng_ext boolean| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| __ZXCONSENT number| google_lpabyc string| google_user_agent_client_hint undefined| $ function| jQuery object| wp boolean| __cfRLUnblockHandlers object| Ya object| yaCounter86364980 object| _0xe9ce object| $jscomp function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| ZxConsentCheckStatus string| didomiCountry object| didomiGeoRegulations object| didomiOnReady string| _CSS object| didomiRemoteConfig function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiEventListeners object| dataLayer function| __tcfapi object| didomiState object| GoogleGcLKhOms number| zxCheckAbs object| ZXNT object| ABS_URL object| DATAZXNT string| slot_ext string| zxadblock_ext string| domen string| site_topdomen number| prtintstlprocent string| zxAdUnit77 function| getCs object| ed object| google_llp

13 Cookies

Domain/Path Name / Value
.hackzl.com/ Name: _ym_uid
Value: 1643204965945801727
.hackzl.com/ Name: _ym_d
Value: 1643204965
.yandex.ru/ Name: yandexuid
Value: 2674980281643204964
.yandex.ru/ Name: yuidss
Value: 2674980281643204964
mc.yandex.ru/ Name: yabs-sid
Value: 1735519401643204964
.yandex.ru/ Name: i
Value: HORjQukGNMc+/geDH4EdaYdByJlAEyTxdDYPt4hCOeOpNu6IFERrMSKI8a0QrjoiWhLFZjkeDpsq3hk/s3LIdUZEgQE=
.yandex.ru/ Name: ymex
Value: 1674740964.yrts.1643204964#1674740964.yrtsi.1643204964
.hackzl.com/ Name: _ym_isad
Value: 2
.hackzl.com/ Name: __gads
Value: ID=b649b881b3cabb38-22477e6c29cd00c5:T=1643204964:RT=1643204964:S=ALNI_MZkSEdXr0iPTUfjxsc3YPfVaIGDZw
.hackzl.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTdlOTZhNWYtMjMzOC02ZDRjLWIxNmUtNjQxMzRkMWRmNjYyIiwiY3JlYXRlZCI6IjIwMjItMDEtMjZUMTM6NDk6MjUuMDYyWiIsInVwZGF0ZWQiOiIyMDIyLTAxLTI2VDEzOjQ5OjI1LjA2MloiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.hackzl.com/ Name: euconsent-v2
Value: CPTbS3zPTbS3zAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.doubleclick.net/ Name: IDE
Value: AHWqTUnIR-TDA5xiA13YbGO3uNl-8ztg0eDLdXjgt3rMOvy6Ad6PgkX-KsTq1SYYkkA
.doubleclick.net/ Name: DSID
Value: NO_DATA

4 Console Messages

Source Level URL
Text
network error URL: https://hackzl.com/template/wp-content/themes/enspire/fonts/fontawesome-webfont.woff2@v=4.7.0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hackzl.com/template/wp-content/themes/enspire/fonts/fontawesome-webfont.woff@v=4.7.0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hackzl.com/template/wp-content/themes/enspire/fonts/fontawesome-webfont.ttf@v=4.7.0
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3322491651172602&fa=1&ifi=7&uci=a!7&btvi=4&xpc=1HVN5dzFkK&p=https%3A//it.hackzl.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.zx-adnet.com
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hackzl.com
it.hackzl.com
mc.yandex.ru
p4-ctwte7lnm4t6i-kshs3tfbbaco66ja-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
142.250.184.226
142.250.74.67
151.101.1.195
172.217.23.98
2606:4700:3030::ac43:8bc5
2606:4700:3037::6815:1b03
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2003
2a02:6b8::1:119
01fd40f8e8b5e924546fcacf48ab20bb3c602fa6b15c93058973a0360b60ca28
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
0d20921d3495b1d2c456ebde74dd61f180c7e849c78b0ddfa8357b83d517849a
10f8e22a94959ef8d01c4de92c0c325b59580d0061c2e8b6d4d73589b0963651
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14f8ba90ae55f120df9ad242a6dcb942e7e10215cf98e146b14b749b0f397bb8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
234d09380fb6381bad3b8bf8d46c8ff4d63ddd604b823356e58199c688ac2e49
27256333926c5856d23af79adcbf57ae6a1d2f79771ab1d18618b9db0019ed08
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
2cdce6185ce6c45959bbeee0c3258a58ad024bdbe19b9a0e0feda83174d8b7d2
2ddf57e62a543bde300d007228be800823ee29bb65970231de681a56b260bd63
2df17ee009b985ac709b1ac86071246686a86fb3d3dcabfc0a873b1eb5e147a7
31ddb3a6b73aeb9af87202b06918ec409f79b0c070c9d7f3ffff01fd050e7823
33713134d5dc29e15e088931c0b9c8d7dbbaf0c124bfff47d510c7e47545f2d1
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3a127f799887e76c114fdc21659a16694caeab7b46cabd643ca6bc8563fce4c3
3ad55e6c0c91739bb8ce02dcc429d9e441562c0eafdabcd933840e633bd7a320
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d1916023634831d5e14400f23063f9979175c10023cf8f4c04c36295ddd77f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f94f95412385fcb827b533c005466f71b0ad2f6ec0f1b715df97242315a5025
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f6c6de8e08356faeca1b8c52f433fbf59087c36455ee8c8ca883b0c601dede
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ee86e7be616a1783e8260227d357e0d52ba152fe20962e4cd2854e1d7d229ef
603307c1ce28fbca598fc41a70a57f29ca95c7c850c016367d40837248e1885a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
6d48bdd64c17df14172cc79396cf7ad20c2b0f09afb8e03d0064f4146cc119f2
75217f4e21a1d59608b5b1244a7654712549dafb65ca6be3452fd95a6f1cc251
75acf5613dfd94067dbfa7f0724cc378d959b5b2ac164432a876c0348ae5bb68
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e30ec67e101a90f93327db3756d91d3ca622eefadadf3388cc33c0b4a755de0
838f63730452ed72839c2faecdfe0806447739a5046d104182c034c07cf85998
847d977f5deee77494aa6c763ff6426ffe9662f859fc26a64adae038cd113999
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
879695be8b29947d7bb905b40073624bd52be4716676c1545529d61f38dd6d34
87e6edd97dfa54e7fd22a33421c1159a60cc624e409c0d5f4e2e7b7ec0df5efb
9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166
9c3ec0a1f941e6f5dbd2f2f9f887eba43cd926e0d10fc5bb35db02673ae461a6
9d6d254d04b4d7ed36b0cc3c11fbc46d4cf376428a1a110bb7e0617a3034ff64
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8db1a3ecadac9d9d979f38429313c7dddcefd95fb1baeb1a642305e5291dbbd
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abcf3d293f1af2c85f4cff3f5534e852dd27067ec5e0314a55c36edd3b650b9b
af9ff19f068e1aa0bcda4f1ec4ffed78a55680f4d1d5e803ec272b2b9575c490
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
baf517386dcda9e8a0a4a6b09e7feb3c2d0bab76e07798c9e136dc9e29b9aac3
bd892829285110decb2625a366997542ed83c7ad69162d96c4a190ab972e6843
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c2c2654a0f3644d09fb8bbab08c611888f37116e105f18cbc3e267042646b86f
c3f1c6dd83b5efafc135a540534aad6e40f2c0677405d60aec5083f3efcd0b2b
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dac0d6cb23062a990e1e04348b4fd110886b43cc370fc06978c85e1ae91a78c1
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e1d826a37b17609fa93b85f086a4ac4c01b7d8248f136073c7d6027bf85241e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f3dce99e558cff8cbd5f975a0a8682e79de9fc5946878229035cf75e09b51215
f464b353ea31f3c703986ea74b4578e04b7d5c0ab28f46db9895890afeec2309
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fabe83b907db78170f1372d2697ec85b934ec6c11e7705a6df3296c7b81d5557
fbf9af14baa91cebfa7dc523a0b459787e7f5d858779f301972e5d71d23a2842
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68