www.macobserver.com Open in urlscan Pro
18.158.98.109  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1

Request Chain 129

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeESpuqnxLFs-6tRrxh1vQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1

Request Chain 130

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEEIs8qYurgX4VuBo334CTXk&google_cver=1

Request Chain 131

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NDI3OTgwMjY5ODUxMDY2NQ%3D%3D

Request Chain 141

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESELz5BTxMKDWKZnMvdQzRTCU&google_cver=1&google_push=AYg5qPKXUUWjgqXKXxepRxj0pmz7GG-rakAXK1MGnJ4Qh8LILJ5-UG6OwURFt9AfU-P5E4ZDJ9uKC956koyxNcftwF1hsmAkbLo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk4NTUyMTE1NzM0MjI5MzQ3Mg==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPUve2E-QrokDXyB_BcEOw&google_cver=1

Request Chain 142

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEPMV6sTLzb1Q4vhCck2u9tY&google_cver=1&google_push=AYg5qPIQw2Gyf-897rjSufskO9Ex_HfLXa3yZxZJsJH8mrUgkh7giEHuJRmFzyAB3ishsZe6XfDz9SbQK8THu68CgY7OVDoR2bRC HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ObGvbo3bSwKu-F4pFop1WQ2&google_push=AYg5qPIQw2Gyf-897rjSufskO9Ex_HfLXa3yZxZJsJH8mrUgkh7giEHuJRmFzyAB3ishsZe6XfDz9SbQK8THu68CgY7OVDoR2bRC

Request Chain 143

• https://a.c.appier.net/gcm?google_gid=CAESEPMyav-CULM3MFo5C3OMlKs&google_cver=1&google_push=AYg5qPJpEniFiSBjK1Prm-oH9f0RwqtLTiW1EjnKVpagiqLyxP2oWl5miQPEkpn2327mO-iMx8-70_1me7BOGVOU8KqS6GbLIXM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bXJ3amhWVkNBSk9kNEI2RXB4TGhZUQ%3D%3D&google_push=AYg5qPJpEniFiSBjK1Prm-oH9f0RwqtLTiW1EjnKVpagiqLyxP2oWl5miQPEkpn2327mO-iMx8-70_1me7BOGVOU8KqS6GbLIXM

Request Chain 144

• https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEMCOL32xzRVuNsuU8qsT2y0&google_cver=1&google_push=AYg5qPIgPu19vBC4yEIEO_FWfCham8byHDJtda6b-QkQ9dPix2ja_NNlINg5owcE1W2fBKjUsFaVsyK_sGmlBZRdv1kBgMqoRKY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIgPu19vBC4yEIEO_FWfCham8byHDJtda6b-QkQ9dPix2ja_NNlINg5owcE1W2fBKjUsFaVsyK_sGmlBZRdv1kBgMqoRKY

Request Chain 146

• https://cs.media.net/cksync?type=g&google_gid=CAESEMP2ChPYd05ebuXcO729eMI&google_cver=1&google_push=AYg5qPJRSj7j9OmnL_Kcwk1vK6VMDysEKG80jk9CONGtUzU57CyExO2eRdnbNIN1LHf5UQ5ybmCAGA_EJrrr4Rh7J3Tp8kR0AD1z HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&mn_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJRSj7j9OmnL_Kcwk1vK6VMDysEKG80jk9CONGtUzU57CyExO2eRdnbNIN1LHf5UQ5ybmCAGA_EJrrr4Rh7J3Tp8kR0AD1z&gdpr=&gdpr_consent=

Request Chain 198

• https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
• https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YeESpuqnxLFs-6tRrxh1vQAA%261198

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.macobserver.com/news/transcredit-leaks-800000/	183 KB 38 KB	244ms 219ms	Document text/html	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / PHP/7.4.22 Resource Hash 7dfa2169fc8e52ed3509c0c79146f4d11acac6d00d98e16464129720abcf7794 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, must-revalidate, no-cache, no-store content-encoding br content-type text/html; charset=UTF-8 date Fri, 14 Jan 2022 06:05:21 GMT display pub_site_sol expires Thu, 13 Jan 2022 06:05:21 GMT link <https://www.macobserver.com/wp-json/>; rel="https://api.w.org/", <https://www.macobserver.com/wp-json/wp/v2/posts/126824>; rel="alternate"; type="application/json", <https://www.macobserver.com/?p=126824>; rel=shortlink pagespeed off response 200 server nginx vary Accept-Encoding Accept-Encoding,User-Agent x-ez-minify-html 7.23% 187253 / 201838 x-ezoic-cdn Hit ds;mm;0e243bba5d7797ba207508e417a9f8ae;2-317836-5;5fb45b18-d395-4ef8-403d-89ac70ee4fb8 x-middleton-display pub_site_sol x-middleton-response 200 x-origin-cache-control x-powered-by PHP/7.4.22 x-sol pub_site
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	36ms 14ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash b346f636e2c30bada02356586ecd98fb9bab00005aad2af343e6771c4b889f30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26923 x-xss-protection 0 server sffe etag "1101 / 583 of 1000 / last-modified: 1642115081" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 14 Jan 2022 06:05:21 GMT
GET H2	200	dall.js Show response go.ezodn.com/hb/	355 KB 103 KB	91ms 73ms	Script application/javascript	2606:4700:3036::ac43:a1d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98385bd69cfe04592a82be198f059494f07d43d76966cdb9eb98e234db437e95 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br cf-cache-status MISS last-modified Fri, 14 Jan 2022 06:05:21 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvoE5Ec1h34Arz53D8oxhUnaRVMvNblAlh8%2FNFd%2BPNQCCj0liZD8ZKpYiLGNqHWIxheh9kptJe1cJ3gYHQhmDc4qx9xQNvhIynukaUsypUPakm5HfpGIGpx8y8z2f8M7CEV8WpAVDAxtfUM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6cd4ac11a8b07043-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	134 KB 36 KB	39ms 10ms	Script application/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH content-encoding gzip etag 8d3665a9b316600491247ca6d78c204c age 800 x-cache Hit from cloudfront server Server x-amz-rid 02EMFCANWPJYSZVS9TB0 date Fri, 14 Jan 2022 05:52:06 GMT vary Accept-Encoding content-type application/javascript via 1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop DUS51-P2 accept-ranges bytes timing-allow-origin * x-amz-cf-id i-lFysg-QxUu5VFVbS5DFop9EDC1SrTro-v3GG8QXrx-OV4tUDNqAw==
GET H2	200	banger.js Show response www.macobserver.com/porpoiseant/	53 KB 12 KB	18ms 17ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/banger.js?cb=195-0&bv=94&v=57&PageSpeed=off Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 1a8fd72b6404a08c8687909ce6899507a126faf585bde78af44d12de45fd18f0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET H2	200	data-leak.jpg www.macobserver.com/wp-content/uploads/2018/06/	162 KB 163 KB	24ms 23ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/uploads/2018/06/data-leak.jpg?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash deeb1c8ec2c018b68363e776e5ae7200bc80363fabfe2088b0ae80f76d127d63 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br display staticcontent_sol x-amzn-requestid 6217eda7-f929-497e-bd93-0b6f72d3e83a x-ezoic-cdn Hit ds;mm;ef07277e4e6ba9ee45448fed69c86b7c;2-317836-5;f2f68add-04ad-4a8e-7fb2-bdfc1bd7839f x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-amzn-trace-id Root=1-61de1a93-389401e60eb4d50a6efce291;Sampled=0 x-middleton-response 200 x-amz-apigw-id LzkXIEGYoAMF2xA= response 200 server nginx x-origin-cache-control vary Accept-Encoding, User-Agent,Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA56-P3 access-control-allow-headers Content-Type, Authorization x-amz-cf-id --9KRCOYLZ5UOPx_ytw-WUsyd9bZ7xZg8WitbY0JTQ69Eg9eCYif8Q==
GET H2	200	ProximaNova.woff www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	28 KB 28 KB	27ms 26ms	Font application/font-woff	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova.woff Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash b1d8e1b88a9016575e98f8285f9eeea821f9b79ef070b74ba53671e0e8987589 Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "6e14-5cfc5b32b32b8-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;ef0db245cbaad13e7a8ddfe65aa3a3e2;2-317836-5;0f948462-966c-44b1-769d-98d8a6dc8167 x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 02:12:25 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/font-woff access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	ProximaNova-Bold.woff www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	28 KB 28 KB	44ms 42ms	Font application/font-woff	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova-Bold.woff Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 44438d4a974efb377542aa90d8792e27b621d848bc1d60aec41dbf1994b2c758 Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "6e30-5cfc5b32b4640-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;8397dc1ec6a6d2133b4a49f8d00c85da;2-317836-5;45dd21fb-c4f5-405d-4058-aef385a65253 x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 02:58:19 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/font-woff access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	ProximaNova-Italic.woff www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	30 KB 30 KB	27ms 25ms	Font application/font-woff	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova-Italic.woff Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a88819cc40363c32436e6263b244c98c588601948ff54603c9b982b2d252091b Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "7690-5cfc5b32b32b8-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;f62028288e27b871e5255b8bacc8ce1c;2-317836-5;0f65a6c3-c301-41d9-5e28-cfa6f3a16814 x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 03:57:23 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/font-woff access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	ProximaNova-BoldItalic.woff www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	29 KB 29 KB	26ms 23ms	Font application/font-woff	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova-BoldItalic.woff Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d2ed827ec7f85c92d18cde066e0f1ed588823ec3e9487a2a12da1e41bcbc7c3d Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "74f8-5cfc5b32b32b8-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;ccdc707eaccc3ad2cda0c571a058e02a;2-317836-5;ef1b93c0-28ef-4ccf-4e9e-a6d076f5653b x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 03:48:28 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/font-woff access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	ProximaNova.woff2 www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	21 KB 22 KB	18ms 15ms	Font font/woff2	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova.woff2 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 92f85c159c10353a04b8caf90ff027dd45f8bae7e0629ff867748fa984d55b96 Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "554c-5cfc5b32b4258-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;a1a6726975e0202e0348c3b32e5464ae;2-317836-5;d2423814-1fea-4c0e-5689-7a588223736d x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 00:11:24 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type font/woff2 access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	ProximaNova-Bold.woff2 www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	21 KB 22 KB	36ms 33ms	Font font/woff2	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova-Bold.woff2 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d10420983eca1a27ee7a501ae0d5011de529f286a11e66dedffcae6e4aae3701 Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "55bc-5cfc5b32b32b8-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;91c0c4d259629f737cf2f9b4ead49018;2-317836-5;db93c70a-0594-40b6-4042-7ef86f9d31b7 x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 03:12:22 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type font/woff2 access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	ProximaNova-Italic.woff2 www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	23 KB 23 KB	19ms 15ms	Font font/woff2	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova-Italic.woff2 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 37510be34740fc7f159156b06da086e3b6342f2e7662c1fd7c20605c14a21f29 Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "5bd0-5cfc5b32b36a0-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;c1df4a7e5e2e11267a813537e199052e;2-317836-5;debf68b1-c253-414f-7257-aee0eb31bb0e x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 00:11:24 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type font/woff2 access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	ProximaNova-BoldItalic.woff2 www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	23 KB 23 KB	25ms 22ms	Font font/woff2	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/ProximaNova-BoldItalic.woff2 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 682ba2487c20cd971d89062d170ef90db6d282d945674d626e54b69389c458c0 Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "5a74-5cfc5b32b32b8-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;7f7ef6208cb1e46c5a2b0188b458ecb0;2-317836-5;c59e829e-0271-4b70-7664-a3a621f58b45 x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 02:12:26 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type font/woff2 access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	tmo-icons.ttf www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	9 KB 5 KB	26ms 23ms	Font application/font-sfnt	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/tmo-icons.ttf Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 49947954b9eb7f925945f288a0e05145990dcfbee00d6ba0ba68b58ec22fc49a Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "2538-5cfc5b32b32b8-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;cdc34fb39b9fc2b995e3cd8ec4c029e5;2-317836-5;a9798dcf-455f-4cca-435c-9d3d11637a31 x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 02:58:21 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/font-sfnt access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	style.min.css www.macobserver.com/wp-includes/css/dist/block-library/	4 KB 1 KB	26ms 22ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 5aec865af9e301dcba0e97c75b9630ad0a067d818ec60976f35adbc59e807017 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;d5605c866bcb7ce97c4930227a6545ee;2-317836-5;340048ce-783a-4232-5913-4c466b30b07a x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 969 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:23 GMT server nginx etag "13abe-5c791e39340fe-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	mediaelementplayer-legacy.min.css www.macobserver.com/wp-includes/js/mediaelement/	8 KB 2 KB	34ms 30ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a98a5878be86d1be7dac08f3cb6a4f8eb215c58bd45b24019a1d5f3a9c02e07d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;827f943fb38e87b5999c187c00cbc3da;2-317836-5;2b6ace46-ed6f-4da6-4e34-681dd83429b3 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 1816 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx etag "2bf8-5b60edbd506c5-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wp-mediaelement.min.css www.macobserver.com/wp-includes/js/mediaelement/	1 KB 584 B	36ms 31ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 104fa067ddda6e63f2c6e3d31927fc59d20c1cd8410d269dbf7d8644f359647a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;a4b61d3ac44b11b22dbecd049005f918;2-317836-5;a30f774b-5ecb-44a7-4ad2-27d4722ca9fa x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 417 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:12:23 GMT server nginx etag "105a-597dc94fd2963-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wc-blocks-vendors-style.css www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/	202 B 243 B	34ms 30ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.3.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 3189481ca0d43cbf1b55c6b22744a1162efabb6f24a30a9b2bd2d281ebd9fcf3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;3cec50dd9481165e3df75196218aa9cf;2-317836-5;3afefe63-b3a1-44c0-74d6-856ecb24cec1 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 90 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:33 GMT server nginx etag "14b9-5d436e5030f54-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wc-blocks-style.css www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/	2 KB 830 B	41ms 36ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.3.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash dbb8e3c1d88048f0a0177ea7940ef3d05ac5cf4e4b6d8cf3b8da05ef55c30c82 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;a93c15e0ae4b455c487a37dbd35ca19c;2-317836-5;b4f1d5be-2623-4a96-6f5a-416ccb2d942c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 675 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:04:19 GMT server nginx etag "303c8-5d436e5031b0c-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	style.css www.macobserver.com/wp-content/plugins/wordpress-social-login/assets/css/	145 B 204 B	32ms 27ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 2b71245c497c12247011a740a3c54c330ff83571b409a16b23c62ae6b3c59d09 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;946a4e4e51b19e87d3005145ddf1e33c;2-317836-5;9587d5d7-b922-4665-574f-c8f46136d251 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 74 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:15 GMT server nginx etag "10c-5b089d6971d22-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	style.css www.macobserver.com/wp-content/plugins/wpdiscuz/themes/default/	44 KB 8 KB	53ms 48ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz/themes/default/style.css?ver=7.3.9&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 2e85745e1b72d76cb7a6254969bc848441a1997e670792666f056a2dfb7f2b42 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "1c83a-5d203a31c1417-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 03:12:24 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;3e9d7562c3b7de40a1f25b0a8bba020e;2-317836-5;4ea1e947-2156-4f6b-6844-45df00dd637c content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H2	200	fa.min.css www.macobserver.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/	2 KB 688 B	39ms 35ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.3.9&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ba63cd3aa13b67bfdd3a9474b544948ef3eb03e15cdb79a5e8591373ffdaaea9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;2d72ccdddf69e0d54ccd96569d94775c;2-317836-5;25f68032-e9ab-480e-5429-103ea866a14c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 519 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:16 GMT server nginx etag "2d07-5d203a31c9ccf-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wpdiscuz-combo.min.css www.macobserver.com/wp-content/plugins/wpdiscuz/assets/css/	3 KB 1 KB	42ms 38ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 23c4749147b75e874333677805370cba6065764579133e9e6378cb5b833729a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;96f6fd265f686775f8eaa23897271121;2-317836-5;05622069-3daf-4377-7c5f-fb60fad7b950 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 890 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:04:19 GMT server nginx etag "9023-5d203a31c6a07-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	flag.min.css www.macobserver.com/wp-content/plugins/wpdiscuz-report-flagging/assets/css/	0 113 B	32ms 28ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz-report-flagging/assets/css/flag.min.css?ver=7.0.7&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT etag "71e-5cbf65835cc2b-gzip" response 200 last-modified Fri, 14 Jan 2022 03:57:23 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;816f4c980e5bc8d02e1678c1b30df326;2-317836-5;3e33d27d-2f23-4655-5a6e-5ee1449323bc content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-length 0
GET H2	200	style.css www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/css/	716 B 408 B	36ms 32ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/css/style.css?ver=1.0.0&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 8ff47d77ef33643dd965c52365fca1483cd735a94a0fa1536c8fc8fcdc916264 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;b668fb3493c72cdd1b1a8add983bc40f;2-317836-5;12cdbad7-10db-4cc5-5484-470b159617ef x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 253 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:12:22 GMT server nginx etag "c4a-5d203a384865f-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	widgets.css www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/	8 KB 1 KB	35ms 30ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/widgets.css?ver=1.9.9.1&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 1f2f0989ed981fcffb34e2b07191523147cfe1c5c58e0a3e8696cba5bc74cfea Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;b00e3a56560270d359552ccacb6f9994;2-317836-5;2cd33097-652b-41b5-680e-10e83db5dfed x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 1206 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:48:28 GMT server nginx etag "465d-5d109dfc19fef-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wpforo-cross.css www.macobserver.com/wp-content/plugins/wpforo-cross-posting/assets/css/	1 KB 401 B	35ms 31ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpforo-cross-posting/assets/css/wpforo-cross.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 5ce34027f792b598c52ac2e64d2d9aa567eeee2e761e2184c729dc8e9c650524 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;55fe3dac66f8ac4498c427be31ab8d90;2-317836-5;95a6a12d-2fd1-4a92-7baf-5870922f6314 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 271 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:33 GMT server nginx etag "64f-5d29316c8e77c-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	embed.css www.macobserver.com/wp-content/plugins/wpforo-embeds/assets/css/	274 B 298 B	35ms 31ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpforo-embeds/assets/css/embed.css?ver=2.0.13&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash acb5098445d3134bbf7c7eb7200d2f9371cbf59a9643791aae9067dc583edeb4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;ea88c4109688b1861cda1b5d749e6343;2-317836-5;c01297c4-fd61-4dcc-40a7-d499ea35391a x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 102 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx etag "6d4-5cadf28ad1183-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	tmo.css www.macobserver.com/wp-content/themes/observer_two/dist/css/	75 KB 11 KB	50ms 46ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/css/tmo.css?ver=1640241749&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ec1e7d691dd6e5473ab8381f738732df7b6fd941d5231df67a4df54071282aaf Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "4242c-5d3ca8ada2898-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 03:04:15 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;4b8cf186cefb7a4f2277834840eab788;2-317836-5;86d8cf28-5003-4add-70fc-26017e9068ae content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H2	200	single.css www.macobserver.com/wp-content/themes/observer_two/dist/css/	3 KB 1 KB	31ms 27ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/css/single.css?ver=1635894539&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e31a0ba4f2b24274fc129280feef8285bc254eb7f7a6ed8cd622ff63c94b464c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;72d3f32c364bbb9e640565bb7d6d6542;2-317836-5;55dff9e2-23d1-4bf7-419b-db1b49eb7c80 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 896 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:57:21 GMT server nginx etag "1a78-5cfd660e82eb4-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	woo.css www.macobserver.com/wp-content/themes/observer_two/dist/css/	4 KB 1 KB	32ms 28ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/css/woo.css?ver=1.0.1&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash c8569a376f07a701e8cd043217d147f2c83f1385d4f2a9a86b593b88651daceb Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;4808f5cd5d62ba8221347c407db44cdd;2-317836-5;407a1b1f-8e60-4a89-7c6b-6519a840b02c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 906 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:24 GMT server nginx etag "4d73-5cfc6357a0d01-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	name-your-price.min.css www.macobserver.com/wp-content/plugins/woocommerce-name-your-price/assets/css/	0 161 B	30ms 27ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/woocommerce-name-your-price/assets/css/name-your-price.min.css?ver=3.3.7&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT etag "4b8-5d2931693d975-gzip" response 200 last-modified Fri, 14 Jan 2022 03:12:23 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;564a3c10a769e9505fe0e9287de33bfe;2-317836-5;ce416ebf-b96c-4342-5aa4-2c68c66ecece content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-length 0
GET H2	200	colors.css www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/	28 KB 3 KB	38ms 34ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/colors.css?ver=1.9.9.1.f8fca00c826bd2f7aca3f56569b9f94f&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e2d95be32836b02ea7ec0ba47547c9d5f5055bbd2ad7acadba06701eb6cf5439 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;874b37d56e690c139f8da7ecdc239bcd;2-317836-5;0d791a65-5ea2-4b4f-693b-2a0a7b577471 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3278 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:16 GMT server nginx etag "108bb-5d55004a90da1-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	animate.min.css www.macobserver.com/wp-content/plugins/observer-plugin/css/	6 KB 504 B	29ms 26ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/css/animate.min.css?ver=1.0&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash b65fbdc6092e212ee6b986ab7e37c8766226d0ff05a0e31ba873976111f8480b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;b17f6b4d59fe6e14107df97f687a82be;2-317836-5;0a310fae-a2b9-4d4e-5f4d-e04a001da9b1 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 373 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:15 GMT server nginx etag "1ddc-5cfc5b173803b-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	observer-plugin.min.css www.macobserver.com/wp-content/plugins/observer-plugin/css/	8 KB 2 KB	33ms 30ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/css/observer-plugin.min.css?ver=1.0&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash f64e95f88eee420db3efc3fd6b647ea680c09a08632c5a4031de4e3ef5ddfbc0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;3d30783ef1e50f06ec8de92cf1b85b5a;2-317836-5;a0faf82b-44ea-4135-43c8-cc5d21be8a4c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 1484 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx etag "24d3-5cfc5b173803b-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	jquery.fancybox.css www.macobserver.com/wp-content/plugins/observer-plugin/javascript/vendor/fancybox/	17 KB 4 KB	21ms 18ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/javascript/vendor/fancybox/jquery.fancybox.css?ver=3.5.7&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;e46c135e25d1bd33c038769c8b7fd423;2-317836-5;237cd928-1b19-494f-7ec4-ff4d70ed9624 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3444 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:15 GMT server nginx etag "4404-5cfc5b17368cb-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=2592000
GET H2	200	jetpack.css www.macobserver.com/wp-content/plugins/jetpack/css/	11 KB 4 KB	48ms 45ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.4&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 9f486d37d5c3c79f8426ef4c6aeb4beed051659d8d99fa5b9ba7381b300dab41 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;085655c0f44405a492310d2123e756e0;2-317836-5;68246439-424e-4162-6f84-7b353e6dca9a x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3394 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:04:19 GMT server nginx etag "1540e-5d2931615eb2e-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	tmo-icons.woff www.macobserver.com/wp-content/themes/observer_two/dist/fonts/	9 KB 5 KB	28ms 26ms	Font application/font-woff	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/fonts/tmo-icons.woff Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a91a55b25f1fb830e2f943a63b173e350299c67694c84a117c51098b991050e3 Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ Origin https://www.macobserver.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "2584-5cfc5b32b4258-gzip-gzip" display staticcontent_sol x-ezoic-cdn Hit ds;mm;36ef7ef2c9dc301f81e2d88909ecad83;2-317836-5;5099df39-a4cb-4ce3-7d02-d0c99fe4a066 x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx x-origin-cache-control access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/font-woff access-control-allow-origin https://www.macobserver.com cache-control public, max-age=31536000
GET H2	200	cookieconsent.min.js Show response www.macobserver.com/ezoic/	4 KB 2 KB	11ms 10ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/ezoic/cookieconsent.min.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br last-modified Tue, 13 Jul 2021 14:05:09 GMT server nginx etag "11a4-5c701b9c2cf40-gzip" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex content-length 1707 expires Sat, 14 Jan 2023 06:05:21 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	91 KB 36 KB	44ms 16ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-438845-1 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cda924b3a17f91831e831ed4b5ce03340714bdd815bcd897341662d8cd2f35b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36461 x-xss-protection 0 expires Fri, 14 Jan 2022 06:05:21 GMT
GET H2	200	cmbv2.js Show response www.macobserver.com/detroitchicago/	88 KB 25 KB	22ms 22ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a83e1270ab12b4c8d5137335035c652af1776fdde652a9798656405e0aa84f17 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public, max-age=31536000, public x-robots-tag noindex
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4c9031f746980a41a3dfb88200c9e65299c8acd72594624f5f2ffedd8591552f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d77c8636e7131d17157d91e24c730940324d540b7dfc1caf1e065e997751b92b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	pubads_impl_2022010407.js Show response securepubads.g.doubleclick.net/gpt/	352 KB 118 KB	8ms 7ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 02:02:39 GMT content-encoding gzip x-content-type-options nosniff age 14562 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120967 x-xss-protection 0 last-modified Tue, 04 Jan 2022 16:13:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 14 Jan 2023 02:02:39 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	197 B 154 B	31ms 16ms	XHR application/json	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 3a1550bd4f00a5b503b8076ef91e1daf20d4a604f4956096b4204cbfc6465300 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 129 x-xss-protection 0 expires Fri, 14 Jan 2022 06:05:21 GMT
GET H2	200	imp.gif Show response www.macobserver.com/detroitchicago/	43 B 159 B	194ms 194ms	XHR image/gif	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A-1%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%2222%2C22%2C22%2C1%2C1%2C1%2C3%2C5%2C4%2C701%2C0%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A11%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A6%2C%22domain_id%22%3A317836%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A5%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1102%2C1111%2C1117%2C1127%2C1148%2C1148%2C1148%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22c02d9edc-e960-43af-5945-27efd0e27fbf%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A79009%2C%22response_time_orig%22%3A20%2C%22serverid%22%3A%2252.58.149.195%3A26274%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1102%2C1111%2C1117%2C1127%2C1148%2C1148%2C1148%22%2C%22t_epoch%22%3A1642140321%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A516%2C%22worst_bad_word_level%22%3A0%7D Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/gif x-middleton-display imp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 47 expires Thu, 13 Jan 2022 06:05:21 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	32ms 8ms	Script application/javascript	2620:116:800d:21:36a9:ecb:e518:b308 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding gzip etag "FMCWFRCBdbNj8Eh2c0G78Q==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Fri, 21 Jan 2022 06:05:21 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	cmbdv2.js Show response www.macobserver.com/detroitchicago/	47 KB 11 KB	17ms 16ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4y35-23y58-21&cmbcb=20&sj=x03x0cx18x35x58 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 95ebd12bc64aad08832885e6cc06e1927c37583261cf9c5be85b1fb8f4799c02 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public, max-age=31536000, public x-robots-tag noindex
GET H2	200	nmash.js www.macobserver.com/porpoiseant/	24 KB 6 KB	11ms 10ms	Other application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/nmash.js?v=94 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br last-modified Fri, 14 Jan 2022 03:12:23 GMT server nginx etag "6003-5d5822bf2dc08;5d5822bf2dc08-gzip" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex
GET		config c.amazon-adsystem.com/cdn/prod/	0 0
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 496 B	46ms 46ms	XHR text/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&pid=AhY6EpF48OUhi&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-medrectangle-4-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-medrectangle-4-0_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-medrectangle-4-0_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-box-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-box-2-0_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-box-2-0_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-box-4-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-medrectangle-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-medrectangle-1-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-large-mobile-banner-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-large-mobile-banner-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-macobserver_com-box-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fmacobserver_com-box-1%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C7edf3e09a35d92663cb9fbba8e3a5813%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT via 1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront) server Server x-amz-cf-pop DUS51-P2 x-amz-rid 2SRNR7BCFHBT84YH3ATV vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.macobserver.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id lbuAukAaZrvC9u7gRyUK-YSZlGvDJJG02uaJPhJtbLvvjZibUNkcjw==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	31ms 10ms	XHR application/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 14257 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Wed, 22 Dec 2021 01:41:37 GMT server AmazonS3 date Fri, 14 Jan 2022 03:06:51 GMT vary Accept-Encoding,Origin access-control-allow-methods GET content-type application/javascript via 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop DUS51-P2 x-amz-cf-id HpMEjl28uq6ZK2UMRVcRTLtuXB-iWNX2DCMBeQcSpTsieFdpmO7aWQ==
GET H2	200	houston.js Show response www.macobserver.com/detroitchicago/	4 KB 1 KB	11ms 11ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/houston.js?gcb=0&cb=16 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex content-length 1351
GET H2	200	style.min.css www.macobserver.com/wp-includes/css/dist/block-library/	4 KB 4 KB	31ms 30ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;d5605c866bcb7ce97c4930227a6545ee;2-317836-5;340048ce-783a-4232-5913-4c466b30b07a x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 969 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:04:19 GMT server nginx etag "13abe-5c791e39340fe-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	mediaelementplayer-legacy.min.css www.macobserver.com/wp-includes/js/mediaelement/	8 KB 8 KB	19ms 18ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;827f943fb38e87b5999c187c00cbc3da;2-317836-5;2b6ace46-ed6f-4da6-4e34-681dd83429b3 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 1816 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 02:58:19 GMT server nginx etag "2bf8-5b60edbd506c5-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wp-mediaelement.min.css www.macobserver.com/wp-includes/js/mediaelement/	1 KB 1 KB	23ms 22ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;a4b61d3ac44b11b22dbecd049005f918;2-317836-5;a30f774b-5ecb-44a7-4ad2-27d4722ca9fa x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 417 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 02:58:21 GMT server nginx etag "105a-597dc94fd2963-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wc-blocks-vendors-style.css www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/	202 B 202 B	26ms 25ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.3.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;3cec50dd9481165e3df75196218aa9cf;2-317836-5;3afefe63-b3a1-44c0-74d6-856ecb24cec1 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 90 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:33 GMT server nginx etag "14b9-5d436e5030f54-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wc-blocks-style.css www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/	2 KB 2 KB	32ms 31ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.3.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;a93c15e0ae4b455c487a37dbd35ca19c;2-317836-5;b4f1d5be-2623-4a96-6f5a-416ccb2d942c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 675 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:04:19 GMT server nginx etag "303c8-5d436e5031b0c-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	style.css www.macobserver.com/wp-content/plugins/wordpress-social-login/assets/css/	145 B 145 B	20ms 19ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;946a4e4e51b19e87d3005145ddf1e33c;2-317836-5;9587d5d7-b922-4665-574f-c8f46136d251 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 74 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:23 GMT server nginx etag "10c-5b089d6971d22-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	style.css www.macobserver.com/wp-content/plugins/wpdiscuz/themes/default/	44 KB 44 KB	32ms 30ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz/themes/default/style.css?ver=7.3.9&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "1c83a-5d203a31c1417-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 02:58:21 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;3e9d7562c3b7de40a1f25b0a8bba020e;2-317836-5;4ea1e947-2156-4f6b-6844-45df00dd637c content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H2	200	fa.min.css www.macobserver.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/	2 KB 2 KB	25ms 23ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=7.3.9&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;2d72ccdddf69e0d54ccd96569d94775c;2-317836-5;25f68032-e9ab-480e-5429-103ea866a14c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 519 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 02:12:26 GMT server nginx etag "2d07-5d203a31c9ccf-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wpdiscuz-combo.min.css www.macobserver.com/wp-content/plugins/wpdiscuz/assets/css/	3 KB 3 KB	28ms 26ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;96f6fd265f686775f8eaa23897271121;2-317836-5;05622069-3daf-4377-7c5f-fb60fad7b950 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 890 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:04:19 GMT server nginx etag "9023-5d203a31c6a07-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	flag.min.css www.macobserver.com/wp-content/plugins/wpdiscuz-report-flagging/assets/css/	0 138 B	25ms 23ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz-report-flagging/assets/css/flag.min.css?ver=7.0.7&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT etag "71e-5cbf65835cc2b-gzip" response 200 last-modified Fri, 14 Jan 2022 03:57:23 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;816f4c980e5bc8d02e1678c1b30df326;2-317836-5;3e33d27d-2f23-4655-5a6e-5ee1449323bc content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-length 0
GET H2	200	style.css www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/css/	716 B 716 B	20ms 17ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/css/style.css?ver=1.0.0&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;b668fb3493c72cdd1b1a8add983bc40f;2-317836-5;12cdbad7-10db-4cc5-5484-470b159617ef x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 253 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 02:58:19 GMT server nginx etag "c4a-5d203a384865f-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	widgets.css www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/	8 KB 8 KB	70ms 67ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/widgets.css?ver=1.9.9.1&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;b00e3a56560270d359552ccacb6f9994;2-317836-5;2cd33097-652b-41b5-680e-10e83db5dfed x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 1206 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx etag "465d-5d109dfc19fef-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	wpforo-cross.css www.macobserver.com/wp-content/plugins/wpforo-cross-posting/assets/css/	1 KB 1 KB	25ms 21ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpforo-cross-posting/assets/css/wpforo-cross.css?ver=5.8.3&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;55fe3dac66f8ac4498c427be31ab8d90;2-317836-5;95a6a12d-2fd1-4a92-7baf-5870922f6314 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 271 x-origin-cache-control response 200 last-modified Thu, 13 Jan 2022 09:11:33 GMT server nginx etag "64f-5d29316c8e77c-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	embed.css www.macobserver.com/wp-content/plugins/wpforo-embeds/assets/css/	274 B 274 B	29ms 26ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpforo-embeds/assets/css/embed.css?ver=2.0.13&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;ea88c4109688b1861cda1b5d749e6343;2-317836-5;c01297c4-fd61-4dcc-40a7-d499ea35391a x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 102 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx etag "6d4-5cadf28ad1183-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	tmo.css www.macobserver.com/wp-content/themes/observer_two/dist/css/	64 KB 64 KB	131ms 128ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/css/tmo.css?ver=1640241749&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br etag "4242c-5d3ca8ada2898-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 03:57:21 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;4b8cf186cefb7a4f2277834840eab788;2-317836-5;86d8cf28-5003-4add-70fc-26017e9068ae content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H2	200	single.css www.macobserver.com/wp-content/themes/observer_two/dist/css/	3 KB 3 KB	28ms 25ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/css/single.css?ver=1635894539&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;72d3f32c364bbb9e640565bb7d6d6542;2-317836-5;55dff9e2-23d1-4bf7-419b-db1b49eb7c80 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 896 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 02:12:26 GMT server nginx etag "1a78-5cfd660e82eb4-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	woo.css www.macobserver.com/wp-content/themes/observer_two/dist/css/	4 KB 4 KB	26ms 23ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/css/woo.css?ver=1.0.1&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;4808f5cd5d62ba8221347c407db44cdd;2-317836-5;407a1b1f-8e60-4a89-7c6b-6519a840b02c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 906 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:12:22 GMT server nginx etag "4d73-5cfc6357a0d01-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	name-your-price.min.css www.macobserver.com/wp-content/plugins/woocommerce-name-your-price/assets/css/	0 136 B	27ms 24ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/woocommerce-name-your-price/assets/css/name-your-price.min.css?ver=3.3.7&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT etag "4b8-5d2931693d975-gzip" response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx display staticcontent_sol, orig_site_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;564a3c10a769e9505fe0e9287de33bfe;2-317836-5;ce416ebf-b96c-4342-5aa4-2c68c66ecece content-type text/css x-sol orig x-middleton-display staticcontent_sol, orig_site_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-length 0
GET H2	200	colors.css www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/	28 KB 28 KB	28ms 26ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/wpforo/wpf-themes/classic/colors.css?ver=1.9.9.1.f8fca00c826bd2f7aca3f56569b9f94f&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;874b37d56e690c139f8da7ecdc239bcd;2-317836-5;0d791a65-5ea2-4b4f-693b-2a0a7b577471 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3278 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 02:58:19 GMT server nginx etag "108bb-5d55004a90da1-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	animate.min.css www.macobserver.com/wp-content/plugins/observer-plugin/css/	6 KB 6 KB	28ms 26ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/css/animate.min.css?ver=1.0&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;b17f6b4d59fe6e14107df97f687a82be;2-317836-5;0a310fae-a2b9-4d4e-5f4d-e04a001da9b1 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 373 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:48:28 GMT server nginx etag "1ddc-5cfc5b173803b-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	observer-plugin.min.css www.macobserver.com/wp-content/plugins/observer-plugin/css/	8 KB 8 KB	21ms 19ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/css/observer-plugin.min.css?ver=1.0&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;3d30783ef1e50f06ec8de92cf1b85b5a;2-317836-5;a0faf82b-44ea-4135-43c8-cc5d21be8a4c x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 1484 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 00:11:24 GMT server nginx etag "24d3-5cfc5b173803b-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	jquery.fancybox.css www.macobserver.com/wp-content/plugins/observer-plugin/javascript/vendor/fancybox/	17 KB 17 KB	17ms 16ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/javascript/vendor/fancybox/jquery.fancybox.css?ver=3.5.7&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;e46c135e25d1bd33c038769c8b7fd423;2-317836-5;237cd928-1b19-494f-7ec4-ff4d70ed9624 x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3444 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:04:15 GMT server nginx etag "4404-5cfc5b17368cb-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=2592000
GET H2	200	jetpack.css www.macobserver.com/wp-content/plugins/jetpack/css/	11 KB 11 KB	43ms 42ms	Image text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.4&ez_used_css_s=13 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br x-sol orig display staticcontent_sol, orig_site_sol x-ezoic-cdn Hit ds;mm;085655c0f44405a492310d2123e756e0;2-317836-5;68246439-424e-4162-6f84-7b353e6dca9a x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3394 x-origin-cache-control response 200 last-modified Fri, 14 Jan 2022 03:12:24 GMT server nginx etag "1540e-5d2931615eb2e-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	ezoic.png go.ezoic.net/utilcave_com/img/	1 KB 2 KB	31ms 6ms	Image image/png	2600:9000:2250:b400:2:cb38:840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://go.ezoic.net/utilcave_com/img/ezoic.png Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:b400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 10 Jan 2022 07:27:28 GMT via 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront) x-sol middleton age 340673 x-cache Hit from cloudfront x-middleton-display staticcontent_sol content-length 1181 x-amz-cf-id s49rmKsKKiZ7jq168PxAlUpusMYFFOhD_QzgpalglyUzDycOBjoB6g== last-modified Tue, 13 Jul 2021 14:05:09 GMT server nginx etag "49d-5bd497273b080-gzip-gzip" vary Accept-Encoding,Accept-Encoding content-type image/png cache-control max-age=604800 x-amz-cf-pop FRA60-P2 display staticcontent_sol expires Mon, 17 Jan 2022 07:27:28 GMT
GET H2	200	logo.png www.macobserver.com/wp-content/themes/observer_two/dist/images/	3 KB 4 KB	16ms 15ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/themes/observer_two/dist/images/logo.png?ezimgfmt=rs:112x46/rscb1/ng:webp/ngcb1 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash cea29a32196ecb5d2b9bdf8042602995bb418c5e12d87f0faa1707276ccd7453 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br display staticcontent_sol x-amzn-requestid 4e7fb527-bc3b-4ef8-bbbf-2a54d55173e1 x-ezoic-cdn Hit ds;mm;cf7c49a9fc6eefac0fc94cc52f531630;2-317836-5;342e4d70-e28c-4fdb-5a8a-21e9e373cc97 x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-amzn-trace-id Root=1-61dda0bb-4d84c19d1c22e9555349eae2;Sampled=0 x-middleton-response 200 x-amz-apigw-id LyYNZF9jIAMFYPQ= content-length 3184 response 200 server nginx x-origin-cache-control vary Accept-Encoding, User-Agent,Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA56-P3 access-control-allow-headers Content-Type, Authorization x-amz-cf-id B1qdUpCBLFFVR6sL1PJ-AAuInfUsDUdlUn0tSBw1YrKcmwnjr9SNYw==
GET H2	200	20191022-headshot.png www.macobserver.com/wp-content/uploads/2019/10/	354 B 650 B	17ms 17ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.macobserver.com/wp-content/uploads/2019/10/20191022-headshot.png?ezimgfmt=rs:32x32/rscb1/ng:webp/ngcb1 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 5a01f380162c3ba5e820c154213550adf89022c69837df286af7547cfabdf017 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br display staticcontent_sol x-amzn-requestid cc191a76-e95e-411e-8034-7b7fed046959 x-ezoic-cdn Hit ds;mm;4c214f86ad7acd7f44b070314eaa4037;2-317836-5;6a6e9164-5ac2-488a-58c9-7dee7fef0ecc x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-amzn-trace-id Root=1-61dda0bb-11e3196b4645ee615760126b;Sampled=0 x-middleton-response 200 x-amz-apigw-id LyYNZGjaoAMF8AQ= content-length 358 response 200 server nginx x-origin-cache-control vary Accept-Encoding, User-Agent,Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 920a6dce56a0ee957dbaa3bf4429f8ff.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA56-P3 access-control-allow-headers Content-Type, Authorization x-amz-cf-id WnnhnnDEkqrmyPqrMIOOkmzIUAHPn2WM1fmSryD7f-az8XegFbUlEA==
GET H2	200	rules-p-31iz6hfFutd16.js Show response rules.quantcount.com/	3 B 428 B	22ms 6ms	Script application/javascript	2600:9000:206f:9200:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-31iz6hfFutd16.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:9200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 04:57:46 GMT via 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront) age 28515 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 19:50:24 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop FRA56-C1 accept-ranges bytes x-amz-cf-id itKzetMubYOFcf8ZjvuLIx1A5qj4YPN19jrmgYqeWezB-3m8Z3aPsA==
GET H2	200	pixel;r=325871676;labels=Domain.macobserver_com%2CDomainId.317836;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F;uht=2;fpan=1;fpa=P0-1491245777-16... pixel.quantserve.com/	35 B 371 B	11ms 10ms	Image image/gif	2620:116:800d:21:36a9:ecb:e518:b308 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=325871676;labels=Domain.macobserver_com%2CDomainId.317836;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F;uht=2;fpan=1;fpa=P0-1491245777-1642140321154;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=macobserver.com;je=0;sr=1600x1200x24;dst=0;et=1642140321154;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.TransCredit%20Data%20Leak%20Over%20800%252C000%20Records%20of%20Credit%20Reports%2Cdescription.Jeremiah%20Fowler%20together%20with%20the%20Website%20Planet%20research%20team%20found%20an%20unsecure%2Curl.https%3A%2F%2Fwww%252Emacobserver%252Ecom%2Fnews%2Ftranscredit-leaks-800000%2F%2Csite_name.The%20Mac%20Observer%2Cimage.https%3A%2F%2Fwww%252Emacobserver%252Ecom%2Fwp-content%2Fuploads%2F2018%2F06%2Fdata-leak%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.630 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:21 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-438845-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1827 date Fri, 14 Jan 2022 05:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 14 Jan 2022 07:34:54 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	91 KB 36 KB	33ms 19ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-196032186-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-438845-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fd893e849de912aad69d94eef6bf54af4ecba7634ebdbeabd69cb347a1e68849 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36500 x-xss-protection 0 expires Fri, 14 Jan 2022 06:05:21 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	29ms 14ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=365389118&t=pageview&_s=1&dl=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&ul=en-us&de=UTF-8&dt=TransCredit%20Data%20Leak%20Over%20800%2C000%20Records%20of%20Credit%20Reports%20-%20The%20Mac%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=607130003&gjid=1355425218&cid=2102813519.1642140321&tid=UA-438845-1&_gid=1986643352.1642140321&_r=1&gtm=2ou1c0&z=2092026341 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.macobserver.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	16ms 13ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=365389118&t=pageview&_s=1&dl=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&ul=en-us&de=UTF-8&dt=TransCredit%20Data%20Leak%20Over%20800%2C000%20Records%20of%20Credit%20Reports%20-%20The%20Mac%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1836993777&gjid=1785298161&cid=2102813519.1642140321&tid=UA-196032186-1&_gid=1986643352.1642140321&_r=1&gtm=2ou1c0&z=1450199184 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.macobserver.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dark-bottom.css www.macobserver.com/ezoic/styles/	3 KB 843 B	10ms 10ms	Stylesheet text/css	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/ezoic/styles/dark-bottom.css Requested by Host: www.macobserver.com URL: https://www.macobserver.com/ezoic/cookieconsent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:21 GMT content-encoding br last-modified Tue, 13 Jul 2021 14:05:09 GMT server nginx etag "bd7-5c701b9c2cf40-gzip" vary Accept-Encoding, Accept-Encoding content-type text/css cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex content-length 725
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 445 B	58ms 19ms	XHR text/plain	2a00:1450:400c:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-438845-1&cid=2102813519.1642140321&jid=607130003&gjid=1355425218&_gid=1986643352.1642140321&_u=YEBAAUAAAAAAAC~&z=408672217 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 14 Jan 2022 06:05:21 GMT content-type text/plain access-control-allow-origin https://www.macobserver.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	40ms 18ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-438845-1&cid=2102813519.1642140321&jid=607130003&_u=YEBAAUAAAAAAAC~&z=417769889 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	39ms 18ms	Image image/gif	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-438845-1&cid=2102813519.1642140321&jid=607130003&_u=YEBAAUAAAAAAAC~&z=417769889 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	39ms 16ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	65ms 16ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	2 KB 295 B	435ms 435ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=3792064846416649&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-1%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250&prev_scp=a%3D%257C1%257C%26iid1%3D3936532464050530%26eid%3D3936532464050530%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dmacobserver_com-box-1-3936532464050530%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D140%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C1%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D280%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C3%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D280%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C3%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D280%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642140321&dt=1642140321611&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C315%2C639%2C962&adys=-12245933%2C300%2C300%2C300&adks=1235169102%2C32735598%2C3431401826%2C3431401827&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C323x250%7C323x250%7C323x250&msz=0x-1%7C323x250%7C323x250%7C323x250&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=644%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&btvi=-1%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 5a53a4a3b30de0b017a243574ba7243580827ae7e03c67d46db5015a3a285fa8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:22 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 265 x-xss-protection 0 google-lineitem-id -2,-2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	50ms 27ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010407&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b4177bea84bb2b9bef2b49127e5e7055ba6d657f076e8820080b14fc7f3fab50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8680 x-xss-protection 0
GET H2	200	container.html Show response 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5237	6 KB 4 KB	621ms 228ms	Document text/html	2a00:1450:4019:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4019:806::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Fri, 14 Jan 2022 06:05:22 GMT expires Sat, 14 Jan 2023 06:05:22 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	44ms 23ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 14 Jan 2022 06:05:22 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	33ms 16ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	30ms 16ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	466 B 280 B	438ms 438ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=2059516016460513&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=a%3D%257C3%257C%26iid1%3D8961983148080399%26eid%3D8961983148080399%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dmacobserver_com-medrectangle-2-8961983148080399%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D350%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C14%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642140321&dt=1642140321687&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=2077988210&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 570e0cae298f72fcc277bb74534abd04a545ae4c6907a0f23b02e596c72baf8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:22 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 250 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1F6	13 KB 5 KB	25ms 8ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ Response headers cross-origin-resource-policy cross-origin accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Thu, 13 Jan 2022 22:55:09 GMT expires Fri, 13 Jan 2023 22:55:09 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 25813 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame CDAC	783 B 535 B	36ms 18ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e9f3c52157888b59d053e6d2f9dca9d05ae7fba7b3ffb26ae88ab197c0929b30 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-GtUNTuo9Nsz6gV1oK+pYLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 14 Jan 2022 06:05:22 GMT date Fri, 14 Jan 2022 06:05:22 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-GtUNTuo9Nsz6gV1oK+pYLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CDAC	0 0	75ms 61ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010407&jk=2066825233645634&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Show response pagead2.googlesyndication.com/bg/ Frame E1F6	35 KB 13 KB	21ms 9ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8e8f18d77170af82f72cfb83f4cec093f5683a0fcffd8f126d9d2fce1a332f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 18:45:50 GMT content-encoding br x-content-type-options nosniff age 40772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13349 x-xss-protection 0 last-modified Thu, 06 Jan 2022 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Jan 2023 18:45:50 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame E1F6	0 9 B	6ms 6ms	Image text/plain	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?wTnbYQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	29ms 29ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010407&jk=2066825233645634&bg=!UFOlUxfNAAaocxMpqHM7ACkAdvg8WrqmZ3lYrVND3maz2Lj-TDmR9z-Y6B34NusgWKrTOKed8jzxfwIAAABYUgAAAAhoAQeZAr1Pwtru1RVl-F-l1UMBftJDaU6v1a8OG2c4PjMXAoVda_-D5YGnZnFg3oE4L32x5eVFsaaxE3P6zPMhmZU0S7qFlIOhDmRdcLN4H7b4PlDToMG0M-_gwvhsFi_agqj1Q-PWyA4AAbrfyQfiObj6-_Sov4UqzVqk7p5cTV5BF1PKnAwhm2l84kW-rxZ0VhSkIsZOgnWpwaDu07nlsH-qWaYxV0cxOA4DQ4PVzZ42oLKXgA7N6SLfkd3SVu9Umw0UEJ7UACOSt1zr_-y6cHj46_81t0p6sQE2U5jMe0KbriOsA8B8hKAfKpjuh_9s0FCpyQwvJqrF5MYo5-lx1pFbPxiXGPilBU_nBxkRf6rZCSugAQUVHeveLO9TYFTFDh3kI6c-8iZvp3XLpxJQS33R2UVG8LFzAGI6IssYdp4ZQ9o5-SZ-VkF6JhxiD_87C5GKONr4ZbYTBKhCtg7D0b9W02D72vnHaIB5GO-P_Hr6VzmeZb81zsTCqmyNUlUotR7Mhn0UCOkaO5idQyBl5mzpB2b-qh8xEKu36sTyAKRL81OceaEvnY5DzFp28Q0RJv7tFiaqxEU6jln47rGrhg3KK1pKrWoqU-UrKP46lh41ulw7t5mBKSeLzmUvWWQyUCk_lpmKBPF29wSrYOOJDwJnoBpGcg5oTs1UIcRKYnchf_QbKnr_JdzhOl3ySOVJEPeCtEWr8ARguBBIKetAkAsZMIoWmxv8ESNe6WwSU8Oywra_UTeOHTTV8Yrluc98LWELtcwmOQMwjW-Xvca3e1M86GNKFHFcFn0n0_pUh0NPx9Xv7dXKLsYwj478gBn4Choi5rFTQ3yRx8IMQ-zaRxDYdZVD_SL4pGR9mAFexojdFl-D1q6DiKH8TZx6vo5v-Vro15cVeWhl5EZPFJ3xuS3nUz9HIC1Nt0linuQ7wNHYFA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	greenoaks.gif Show response www.macobserver.com/detroitchicago/	0 42 B	13ms 12ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDEtMTQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInRfZXBvY2giOjE2NDIxNDAzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInRfZXBvY2giOjE2NDIxNDAzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ== Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:22 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:31 GMT
GET H2	200	greenoaks.gif Show response www.macobserver.com/detroitchicago/	0 93 B	13ms 12ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIyNiJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMjQ1In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIyNDAifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIyNDEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNDEzIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMzkzIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIzOTMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:22 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:22 GMT
GET H2	200	greenoaks.gif Show response www.macobserver.com/detroitchicago/	0 19 B	13ms 13ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxMjI5In1dfV0= Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:22 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:21 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	16ms 16ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	16ms 15ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 2 KB	415ms 414ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=2145342205147340&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid1%3D8961983148080399%26eid%3D8961983148080399%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dmacobserver_com-medrectangle-2-8961983148080399%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D180%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C14%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D350%26reqt%3D1642140324623&eri=1&cookie=ID%3D9718d19c6294c089-2206b0f31fcd0031%3AT%3D1642140322%3AS%3DALNI_MaFznVkYb3I2lIza-uTpvJTwX2AaQ&bc=31&abxe=1&lmt=1642140324&dt=1642140324628&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=2077988210&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash d93fd11048ddde137547ab3910b370832786f900cbec7a46309a9b8fc055547c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2316 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	441 B 255 B	354ms 354ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=4478221978390732&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D220%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D280%26reqt%3D1642140324631&eri=1&cookie=ID%3D9718d19c6294c089-2206b0f31fcd0031%3AT%3D1642140322%3AS%3DALNI_MaFznVkYb3I2lIza-uTpvJTwX2AaQ&bc=31&abxe=1&lmt=1642140324&dt=1642140324634&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=962&adys=300&adks=3431401827&ucis=4&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 4ffdec7ea056a709e61cf85dccaedf999902b30275e4bd5e832239372a599447 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 224 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	17 KB 9 KB	395ms 394ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=1405186908734289&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D220%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D280%26reqt%3D1642140324638&eri=1&cookie=ID%3D9718d19c6294c089-2206b0f31fcd0031%3AT%3D1642140322%3AS%3DALNI_MaFznVkYb3I2lIza-uTpvJTwX2AaQ&bc=31&abxe=1&lmt=1642140324&dt=1642140324642&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=639&adys=300&adks=3431401826&ucis=3&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash afa728622130cdab07c4cc399e1d5e3fb47c1f2bf6952f704f88e5dc2cc7ff50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9391 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	441 B 254 B	430ms 429ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=2551237310466032&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C1%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D220%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D280%26reqt%3D1642140324645&eri=1&cookie=ID%3D9718d19c6294c089-2206b0f31fcd0031%3AT%3D1642140322%3AS%3DALNI_MaFznVkYb3I2lIza-uTpvJTwX2AaQ&bc=31&abxe=1&lmt=1642140324&dt=1642140324649&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=300&adks=32735598&ucis=2&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 28b98047b63b97d51d7ee48273d4077fbb9a92234256041921158f52282625f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 223 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	441 B 253 B	342ms 342ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=742078290098122&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C1%257C%26iid1%3D3936532464050530%26eid%3D3936532464050530%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dmacobserver_com-box-1-3936532464050530%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D70%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D140%26reqt%3D1642140324652&eri=1&cookie=ID%3D9718d19c6294c089-2206b0f31fcd0031%3AT%3D1642140322%3AS%3DALNI_MaFznVkYb3I2lIza-uTpvJTwX2AaQ&bc=31&abxe=1&lmt=1642140324&dt=1642140324655&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1235169102&ucis=1&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=644&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 9006dfe8d390cba3a5bae757cb9a4814e72e4e9ee29ebd7e5c3c40643969521b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 222 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 26 KB	25ms 24ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash b346f636e2c30bada02356586ecd98fb9bab00005aad2af343e6771c4b889f30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26923 x-xss-protection 0 server sffe etag "1101 / 950 of 1000 / last-modified: 1642115081" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 14 Jan 2022 06:05:25 GMT
GET H3	200	container.html Show response 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A4F	6 KB 3 KB	347ms 119ms	Document text/html	2a00:1450:4019:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4019:806::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Fri, 14 Jan 2022 06:05:22 GMT expires Sat, 14 Jan 2023 06:05:22 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 4 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	greenoaks.gif Show response www.macobserver.com/detroitchicago/	0 42 B	13ms 12ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQyMzAifV19XQ== Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:24 GMT
GET H2	200	army.gif Show response www.macobserver.com/porpoiseant/	0 19 B	12ms 11ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTc4NTc2NDQwODI3OTAiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ1bml0IjoiZGl2LWdwdC1hZC1tYWNvYnNlcnZlcl9jb20tYm94LTItMF8xIiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjQzYWExNjA3YTBjMDhjNzRiMTRhOTAzOWU3YjkwOWI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk3ODU3NjQ0MDgyNzkwIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidW5pdCI6ImRpdi1ncHQtYWQtbWFjb2JzZXJ2ZXJfY29tLWJveC0yLTBfMSIsInRfZXBvY2giOjE2NDIxNDAzMjEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMjIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDIyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDI4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTc4NTc2NDQwODI3OTAiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ1bml0IjoiZGl2LWdwdC1hZC1tYWNvYnNlcnZlcl9jb20tYm94LTItMF8xIiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:24 GMT
GET H2	200	army.gif Show response www.macobserver.com/porpoiseant/	0 65 B	11ms 11ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wMS0xNCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:25 GMT
GET H2	200	army.gif Show response www.macobserver.com/porpoiseant/	0 19 B	11ms 10ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJhdWN0aW9uX2Vwb2NoIjoxNjQyMTQwMzI1LCJhZF9wb3NpdGlvbiI6MTEwMSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjoyODAsImJpZF9mbG9vcl9wcmV2IjoyODAsImJpZF9mbG9vcl9maWxsZWQiOjIyMCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDEyLCJtdWx0aV9hZF91bml0IjoxLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:25 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:25 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame EB6E	624 B 504 B	18ms 18ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkt-DAhiI4q1wMAE&v=APEucNXmpiHnoknbSAKF1QPWUPLb6UCDuJYiP4zNrpP-dOeHEgw_RpoDyNGPghv9fFfluGLg4JFYAb-ggFXgCZrrrEuF0_65EFt2Nss_wdx_VGsRL8hKwlP10VArR_Y-KLEhjV17lHkewrZ_xFyupxoqynBpKOBrJbh-5KumRpyTmzqSoYm--BUwse2bM6bUlNGZ2px2J7uuip0PTzUdd8mLfIqbhb6aiw Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 14 Jan 2022 06:05:26 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 8A4F	54 KB 27 KB	46ms 45ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxJi7IkYUG1_zvfqsmjnVKwMpUOgWtoth-WfnbGrci_tU6k2QYlI-_dv__NdOis0MiUl56GEMXJE7aJQhoypZbr_Wuz_LpQtiM9BoiZoqoFjVbxL1ahMvRe7b4N31PZZgkOVje-AG0K47-VNeeitPE79K0Og&dbm_d=AKAmf-C9hMUiy2sEmcivnLzN1RCsxv-yJCUhi16hwRkulfZwZGAvKA-p649ENWKwseihAbktrKXhXei_GJq1Se78uk_u4sFQix18t2Ur8N_FqPBtJp7fqGFtBQaTdMmOZZ9fLnHmsjbxJfMAQyjrWx811aYDha5K6LinA-PeyySPC7Ue-k4W9LtHlie4198s51q1EdJKHi0fYZ4YdjRuiMNoEUK5BeYT9ljRbEhBUuriRf_JMsdGK8_R2b9lqlyQd0mzSEF7noUNzd_ojNApYKYJBMbDAxl7k3XO5_s4xQLqReBMF9eolUdBxkCbOTeobCZPg1Lbi-2cIW7X3oBK7rj_q9nLfpGKAa9jarzxfmKmqNp3mgiaq5CKXRpd49Ubnf3S7iUe4p3zFSZM4lfN-wAODkx_xTkaaRjZ59Y7teoKTeWqozjqZnXx5WxcU1ZuMmkJYcDsKZv-BZKU6fSeEHEKtdg-fvG-Mf-_M5272olDGucKZizwylIgD4dYnt80YIrZvkJfDwZ1MCirr_QuDLZYu2vZPVHDznPw9p-YvJ6_12dHI4w8TgcRKysLrTOoxhYizpzDjUq0kq3YrnikmYxWbtSfCGFi4DMteXN-1D7tFI9oi5434Ye-Ei8UjagOgpeAHmVaFeTe9_HtcKKKkhuMl2xLA5Z10As1T6wg_kBKRZdGa547bxoWZ_AlIe9l0OCWRTSWSwZjq2ng66TTfskqnO-MpY6KSMDOo50sAmt8oo_cLH2ItvrgSNlPNSpJgQ9zUZ212slmUAw4_ygh95p3legie1RGshsMWmoIunSQOdoREkDUHTou9_7zaaC1blA0C9OTRHp6m-RLiMNhioyX5pKrxHSEHTpOpmsgEk4LxajDLJDMYbhcJwDcyin_l_LKWWPrNBzTpu00Ogxk-kPy1ma5V8uEGRxe97-mCV9_jAfCO_8-WT106Yn6NRqRYt--75c8MknkWq3tFymwePTYtGQP7upKKS-dGC2m_cbNQt58548L7iGpDga1T77tNqs7tE0GaJr0dYsy-vou0YeVNCfg7bOnu_tTZdr2J4JnOULUqi7LzXiZRb9d4NpcAjHauz2dvp7yC22ZbqZ2ch4uZhSmrG1r-AT4vil3QLYcXLaE2X6Y4cv0Ci1HgkwVkHFdnWX1IT4HK4Q6qn-fISlRX_8stLLXSDDKIbVwvWzATwWrS4451MwbZdr0YmqBpPXS4wBfPkafuKQNKLwfoK4skPbeEiXO4_SUqAp77uAAI8VcSc8Udo2fTxqyCYVKYts9YRbk_h4zSPomFR7zsjNAEaRM1t7ANHNv_jmGUJ90IE5O1S7M4iZIY3QTmJrWNPdwgRbJXpj_d7CtBeaVAcsLMMAmd3htJ0tHp_YrgvdlzIFnU0rm9960Up3XoMPbHpVpl_gaw09k8v5pvzvoDUtPmOUABZ6eHmG_GPdVUNJ-MN-b7wfWVJKs9KXzAKrjJTmmPrU4ws3RSvTb1KWvrS69aqAYURr81nFio4QnEJurc4HkXI_NGhPSus0OKq74DS2EqTsTiaOqEAiAm6OhTSG2-Qm8WEhbFkosGXZilXFIFG0R5zU1171KDuSNiXXFOVyRyeqH4xNzx9kgvUsU-o9DDrxVi1WmYtfP4fdJyk2-sNs4-2toijbrYPrttzbjWVR87290J1OoYdsQxafER1QMfI1QSWKkbMelrl32YcMFHMqMbOvmwfICM8sUD87qpI7bc2MjW5mw4b1d_c7yfdc2nh5E1e574HZYWRomoS_hnbrDeFoJtvubZwC9IUIbybedic6I1k6X2p19WtG3xhHelsu35kFMVVUpNnA1LKHZp8HSxzxqA9j2A-O4DeZeItjzx7vVFkGP1-JAck9AaWZQTvrdHSKm-D8uAlOcNkkd8tkKo1auVJVBZy9NQVbv-v170vT4XpC2LW7YAbtW5w1mwFYz5AlJ2uI5ctCovRYtz0TOZvapT_ruUUjjjFK5QE6opvAPL383s0zFJTogG5ryW4ZGY2WlL8a2Js_LEzZ45t8e43brq2Mxf56vdI5XaFwZIuFqFm_JcPQECRtiXMQaJM0mXP9tY_n39Vfy_7TuxS55LeWgf5F_w6_IdHBUM68hUr7lKdCRHgvKXllgPiApcbHkcA2QnhWeUCcn6RLQPffxF83C-sYWFcXl1m9Oz0qBkQYnkCyOFQzcOgmAW-OtbjnJiQqpRiExPmYO3qB_fsq_7fCqUWWwQ0Gj4cuAyTbgWpVczHA1aRS7PWcrpnYAr8gJJiy7VmIaYbP-yr6acw8djUG4gUHPaxIfxAe3p8AlIvi6162ywp5aUoRv4CBs1CqCK6Nfs_uuQJC5SisNgDk_YqM1Ic9clGZUVD7pvpfELe6QJRg-qbcx3uZ-vKDklXZocNGG7aIOGL_cPpPj8T2lkS3SQj1AaBuyBryiGIBBYdbSFK3K2y26A4n2-HqhZABvXdyVbtok8evNwDLKptgKZzuOXSCjUtFWOJfTUMLTm9hf47c3AkaZI_r7XZgTytQ97NbZ-_gq9CrOnJeueMq0eIO1RhbEE4_SN6SBpU0aMGEf1SMjYHtnCBQMRkTzMunC5Yu_gyZi1k74bBd0RpdwunOyCbWIQ4A45d3WGcPR8v14smDGbxQvXhG0trGzv08IyaPTTQz5k3PbaXeQljvhcJEkC4ETuCO8gpoly8xRmc48zl-JuO1VXc70Dv6_sAc18zwFlxSNWzOXceVOlAkrHU6uASQuCHa0KNJ2bvVzhBN57mLvSDegUbG2bJzwaISKbk13xBbw3Qh81caP4Wp2T0KFWCCUkqyEvoqJub9ySDgadWdQjBC7z--0fI8lu2Ji9jVMX1aP1ny9U0iC0fpFUWm6N1H5NgWg_EevLJeekRyhuLeN2ZFYiuSluqrFYHUh20Va1Yx61DSWV7YQKDF9245wWnuUwM4OHbvBOfmhop6TTaL656dKS_px3O9tEFKrDJkFBOhIMQ7onOR8f4mD_0xE5mj2Hi-HLeShYr_8VFO5qclEou-9qggtNM730TNAL8fb9MJQ7ujPtxrW_--tsKflRviO7hD1r5E2QaVDOY7Hf_hz-M0Gg3cQYj90xkKIoktGZmC-kkOGkpsNrObQbqjZXYW3K0KLbZYK0kr-grua1kNy&cid=CAASEuRo7_kgnIEjyV5ZAtR0CXKO-g&rfl=1%2Chttps%253A%252F%252Fwww.macobserver.com%252F%240 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 9594181d0d5da7b2ede9d47388203d9b129b8992e6c6698982eb891bcd14f3c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27620 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8A4F	42 B 63 B	27ms 27ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIeINfZhUehseuBIdGXs_RE6D7v_8zBJYH310LFRugZFacJjWsM6XOhvJ-TgkEOjkX4ufRxcHFoG8gvf7A3uEKfy-A6TiyQZyl8HEiCF5nGHyIfNI Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8A4F	2 KB 1 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:04:03 GMT content-encoding gzip x-content-type-options nosniff age 83 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 28 Jan 2022 06:04:03 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8A4F	121 KB 38 KB	41ms 18ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37895 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1641990413359145" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 14 Jan 2022 06:05:26 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8A4F	15 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 05:39:32 GMT content-encoding gzip x-content-type-options nosniff age 1554 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6473 x-xss-protection 0 server cafe etag 5124071950003790117 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 28 Jan 2022 05:39:32 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 8A4F	0 0	15ms 15ms	Image text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJlzmhXe940x7ZUYtuX3FWJFLd39z_h0zByTj__tKhlFg42SLNWOpDnaAhYETwpgAGJSaVZIptCNmGVC273R1-dV95Cg Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EB6E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1	43 B 1014 B	29ms 16ms	Image image/gif	2.21.141.232 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkt-DAhiI4q1wMAE&v=APEucNXmpiHnoknbSAKF1QPWUPLb6UCDuJYiP4zNrpP-dOeHEgw_RpoDyNGPghv9fFfluGLg4JFYAb-ggFXgCZrrrEuF0_65EFt2Nss_wdx_VGsRL8hKwlP10VArR_Y-KLEhjV17lHkewrZ_xFyupxoqynBpKOBrJbh-5KumRpyTmzqSoYm--BUwse2bM6bUlNGZ2px2J7uuip0PTzUdd8mLfIqbhb6aiw Protocol HTTP/1.1 Server 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-141-232.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:26 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 14 Jan 2022 06:05:26 GMT Redirect headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EB6E Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeESpuqnxLFs-6tRrxh1vQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1	43 B 894 B	13ms 13ms	Image image/gif	2.21.141.232 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkt-DAhiI4q1wMAE&v=APEucNXmpiHnoknbSAKF1QPWUPLb6UCDuJYiP4zNrpP-dOeHEgw_RpoDyNGPghv9fFfluGLg4JFYAb-ggFXgCZrrrEuF0_65EFt2Nss_wdx_VGsRL8hKwlP10VArR_Y-KLEhjV17lHkewrZ_xFyupxoqynBpKOBrJbh-5KumRpyTmzqSoYm--BUwse2bM6bUlNGZ2px2J7uuip0PTzUdd8mLfIqbhb6aiw Protocol HTTP/1.1 Server 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-141-232.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:26 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 14 Jan 2022 06:05:26 GMT Redirect headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQUBfmU5UcBCQFkSSrpQbk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame EB6E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEEIs8qYurgX4VuBo334CTXk&google_cver=1	43 B 1002 B	28ms 24ms	Image image/gif	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEEIs8qYurgX4VuBo334CTXk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkt-DAhiI4q1wMAE&v=APEucNXmpiHnoknbSAKF1QPWUPLb6UCDuJYiP4zNrpP-dOeHEgw_RpoDyNGPghv9fFfluGLg4JFYAb-ggFXgCZrrrEuF0_65EFt2Nss_wdx_VGsRL8hKwlP10VArR_Y-KLEhjV17lHkewrZ_xFyupxoqynBpKOBrJbh-5KumRpyTmzqSoYm--BUwse2bM6bUlNGZ2px2J7uuip0PTzUdd8mLfIqbhb6aiw Protocol HTTP/1.1 Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:26 GMT X-Proxy-Origin 193.27.14.24; 193.27.14.24; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid a9a3a20a-e9d3-474c-a4c6-1a60dd22b673 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEEIs8qYurgX4VuBo334CTXk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EB6E Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NDI3OTgwMjY5ODUxMDY2NQ%3D%3D	170 B 188 B	17ms 17ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NDI3OTgwMjY5ODUxMDY2NQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkt-DAhiI4q1wMAE&v=APEucNXmpiHnoknbSAKF1QPWUPLb6UCDuJYiP4zNrpP-dOeHEgw_RpoDyNGPghv9fFfluGLg4JFYAb-ggFXgCZrrrEuF0_65EFt2Nss_wdx_VGsRL8hKwlP10VArR_Y-KLEhjV17lHkewrZ_xFyupxoqynBpKOBrJbh-5KumRpyTmzqSoYm--BUwse2bM6bUlNGZ2px2J7uuip0PTzUdd8mLfIqbhb6aiw Protocol H3 Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:26 GMT X-Proxy-Origin 193.27.14.24; 193.27.14.24; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 80db0cc2-bad7-4e5d-a444-2cfff737aa07 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NDI3OTgwMjY5ODUxMDY2NQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 8A4F	24 KB 9 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxJi7IkYUG1_zvfqsmjnVKwMpUOgWtoth-WfnbGrci_tU6k2QYlI-_dv__NdOis0MiUl56GEMXJE7aJQhoypZbr_Wuz_LpQtiM9BoiZoqoFjVbxL1ahMvRe7b4N31PZZgkOVje-AG0K47-VNeeitPE79K0Og&dbm_d=AKAmf-C9hMUiy2sEmcivnLzN1RCsxv-yJCUhi16hwRkulfZwZGAvKA-p649ENWKwseihAbktrKXhXei_GJq1Se78uk_u4sFQix18t2Ur8N_FqPBtJp7fqGFtBQaTdMmOZZ9fLnHmsjbxJfMAQyjrWx811aYDha5K6LinA-PeyySPC7Ue-k4W9LtHlie4198s51q1EdJKHi0fYZ4YdjRuiMNoEUK5BeYT9ljRbEhBUuriRf_JMsdGK8_R2b9lqlyQd0mzSEF7noUNzd_ojNApYKYJBMbDAxl7k3XO5_s4xQLqReBMF9eolUdBxkCbOTeobCZPg1Lbi-2cIW7X3oBK7rj_q9nLfpGKAa9jarzxfmKmqNp3mgiaq5CKXRpd49Ubnf3S7iUe4p3zFSZM4lfN-wAODkx_xTkaaRjZ59Y7teoKTeWqozjqZnXx5WxcU1ZuMmkJYcDsKZv-BZKU6fSeEHEKtdg-fvG-Mf-_M5272olDGucKZizwylIgD4dYnt80YIrZvkJfDwZ1MCirr_QuDLZYu2vZPVHDznPw9p-YvJ6_12dHI4w8TgcRKysLrTOoxhYizpzDjUq0kq3YrnikmYxWbtSfCGFi4DMteXN-1D7tFI9oi5434Ye-Ei8UjagOgpeAHmVaFeTe9_HtcKKKkhuMl2xLA5Z10As1T6wg_kBKRZdGa547bxoWZ_AlIe9l0OCWRTSWSwZjq2ng66TTfskqnO-MpY6KSMDOo50sAmt8oo_cLH2ItvrgSNlPNSpJgQ9zUZ212slmUAw4_ygh95p3legie1RGshsMWmoIunSQOdoREkDUHTou9_7zaaC1blA0C9OTRHp6m-RLiMNhioyX5pKrxHSEHTpOpmsgEk4LxajDLJDMYbhcJwDcyin_l_LKWWPrNBzTpu00Ogxk-kPy1ma5V8uEGRxe97-mCV9_jAfCO_8-WT106Yn6NRqRYt--75c8MknkWq3tFymwePTYtGQP7upKKS-dGC2m_cbNQt58548L7iGpDga1T77tNqs7tE0GaJr0dYsy-vou0YeVNCfg7bOnu_tTZdr2J4JnOULUqi7LzXiZRb9d4NpcAjHauz2dvp7yC22ZbqZ2ch4uZhSmrG1r-AT4vil3QLYcXLaE2X6Y4cv0Ci1HgkwVkHFdnWX1IT4HK4Q6qn-fISlRX_8stLLXSDDKIbVwvWzATwWrS4451MwbZdr0YmqBpPXS4wBfPkafuKQNKLwfoK4skPbeEiXO4_SUqAp77uAAI8VcSc8Udo2fTxqyCYVKYts9YRbk_h4zSPomFR7zsjNAEaRM1t7ANHNv_jmGUJ90IE5O1S7M4iZIY3QTmJrWNPdwgRbJXpj_d7CtBeaVAcsLMMAmd3htJ0tHp_YrgvdlzIFnU0rm9960Up3XoMPbHpVpl_gaw09k8v5pvzvoDUtPmOUABZ6eHmG_GPdVUNJ-MN-b7wfWVJKs9KXzAKrjJTmmPrU4ws3RSvTb1KWvrS69aqAYURr81nFio4QnEJurc4HkXI_NGhPSus0OKq74DS2EqTsTiaOqEAiAm6OhTSG2-Qm8WEhbFkosGXZilXFIFG0R5zU1171KDuSNiXXFOVyRyeqH4xNzx9kgvUsU-o9DDrxVi1WmYtfP4fdJyk2-sNs4-2toijbrYPrttzbjWVR87290J1OoYdsQxafER1QMfI1QSWKkbMelrl32YcMFHMqMbOvmwfICM8sUD87qpI7bc2MjW5mw4b1d_c7yfdc2nh5E1e574HZYWRomoS_hnbrDeFoJtvubZwC9IUIbybedic6I1k6X2p19WtG3xhHelsu35kFMVVUpNnA1LKHZp8HSxzxqA9j2A-O4DeZeItjzx7vVFkGP1-JAck9AaWZQTvrdHSKm-D8uAlOcNkkd8tkKo1auVJVBZy9NQVbv-v170vT4XpC2LW7YAbtW5w1mwFYz5AlJ2uI5ctCovRYtz0TOZvapT_ruUUjjjFK5QE6opvAPL383s0zFJTogG5ryW4ZGY2WlL8a2Js_LEzZ45t8e43brq2Mxf56vdI5XaFwZIuFqFm_JcPQECRtiXMQaJM0mXP9tY_n39Vfy_7TuxS55LeWgf5F_w6_IdHBUM68hUr7lKdCRHgvKXllgPiApcbHkcA2QnhWeUCcn6RLQPffxF83C-sYWFcXl1m9Oz0qBkQYnkCyOFQzcOgmAW-OtbjnJiQqpRiExPmYO3qB_fsq_7fCqUWWwQ0Gj4cuAyTbgWpVczHA1aRS7PWcrpnYAr8gJJiy7VmIaYbP-yr6acw8djUG4gUHPaxIfxAe3p8AlIvi6162ywp5aUoRv4CBs1CqCK6Nfs_uuQJC5SisNgDk_YqM1Ic9clGZUVD7pvpfELe6QJRg-qbcx3uZ-vKDklXZocNGG7aIOGL_cPpPj8T2lkS3SQj1AaBuyBryiGIBBYdbSFK3K2y26A4n2-HqhZABvXdyVbtok8evNwDLKptgKZzuOXSCjUtFWOJfTUMLTm9hf47c3AkaZI_r7XZgTytQ97NbZ-_gq9CrOnJeueMq0eIO1RhbEE4_SN6SBpU0aMGEf1SMjYHtnCBQMRkTzMunC5Yu_gyZi1k74bBd0RpdwunOyCbWIQ4A45d3WGcPR8v14smDGbxQvXhG0trGzv08IyaPTTQz5k3PbaXeQljvhcJEkC4ETuCO8gpoly8xRmc48zl-JuO1VXc70Dv6_sAc18zwFlxSNWzOXceVOlAkrHU6uASQuCHa0KNJ2bvVzhBN57mLvSDegUbG2bJzwaISKbk13xBbw3Qh81caP4Wp2T0KFWCCUkqyEvoqJub9ySDgadWdQjBC7z--0fI8lu2Ji9jVMX1aP1ny9U0iC0fpFUWm6N1H5NgWg_EevLJeekRyhuLeN2ZFYiuSluqrFYHUh20Va1Yx61DSWV7YQKDF9245wWnuUwM4OHbvBOfmhop6TTaL656dKS_px3O9tEFKrDJkFBOhIMQ7onOR8f4mD_0xE5mj2Hi-HLeShYr_8VFO5qclEou-9qggtNM730TNAL8fb9MJQ7ujPtxrW_--tsKflRviO7hD1r5E2QaVDOY7Hf_hz-M0Gg3cQYj90xkKIoktGZmC-kkOGkpsNrObQbqjZXYW3K0KLbZYK0kr-grua1kNy&cid=CAASEuRo7_kgnIEjyV5ZAtR0CXKO-g&rfl=1%2Chttps%253A%252F%252Fwww.macobserver.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:08 GMT content-encoding gzip x-content-type-options nosniff age 18 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9544 x-xss-protection 0 server cafe etag 6261108306223674270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 28 Jan 2022 06:05:08 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 8A4F	8 KB 3 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxJi7IkYUG1_zvfqsmjnVKwMpUOgWtoth-WfnbGrci_tU6k2QYlI-_dv__NdOis0MiUl56GEMXJE7aJQhoypZbr_Wuz_LpQtiM9BoiZoqoFjVbxL1ahMvRe7b4N31PZZgkOVje-AG0K47-VNeeitPE79K0Og&dbm_d=AKAmf-C9hMUiy2sEmcivnLzN1RCsxv-yJCUhi16hwRkulfZwZGAvKA-p649ENWKwseihAbktrKXhXei_GJq1Se78uk_u4sFQix18t2Ur8N_FqPBtJp7fqGFtBQaTdMmOZZ9fLnHmsjbxJfMAQyjrWx811aYDha5K6LinA-PeyySPC7Ue-k4W9LtHlie4198s51q1EdJKHi0fYZ4YdjRuiMNoEUK5BeYT9ljRbEhBUuriRf_JMsdGK8_R2b9lqlyQd0mzSEF7noUNzd_ojNApYKYJBMbDAxl7k3XO5_s4xQLqReBMF9eolUdBxkCbOTeobCZPg1Lbi-2cIW7X3oBK7rj_q9nLfpGKAa9jarzxfmKmqNp3mgiaq5CKXRpd49Ubnf3S7iUe4p3zFSZM4lfN-wAODkx_xTkaaRjZ59Y7teoKTeWqozjqZnXx5WxcU1ZuMmkJYcDsKZv-BZKU6fSeEHEKtdg-fvG-Mf-_M5272olDGucKZizwylIgD4dYnt80YIrZvkJfDwZ1MCirr_QuDLZYu2vZPVHDznPw9p-YvJ6_12dHI4w8TgcRKysLrTOoxhYizpzDjUq0kq3YrnikmYxWbtSfCGFi4DMteXN-1D7tFI9oi5434Ye-Ei8UjagOgpeAHmVaFeTe9_HtcKKKkhuMl2xLA5Z10As1T6wg_kBKRZdGa547bxoWZ_AlIe9l0OCWRTSWSwZjq2ng66TTfskqnO-MpY6KSMDOo50sAmt8oo_cLH2ItvrgSNlPNSpJgQ9zUZ212slmUAw4_ygh95p3legie1RGshsMWmoIunSQOdoREkDUHTou9_7zaaC1blA0C9OTRHp6m-RLiMNhioyX5pKrxHSEHTpOpmsgEk4LxajDLJDMYbhcJwDcyin_l_LKWWPrNBzTpu00Ogxk-kPy1ma5V8uEGRxe97-mCV9_jAfCO_8-WT106Yn6NRqRYt--75c8MknkWq3tFymwePTYtGQP7upKKS-dGC2m_cbNQt58548L7iGpDga1T77tNqs7tE0GaJr0dYsy-vou0YeVNCfg7bOnu_tTZdr2J4JnOULUqi7LzXiZRb9d4NpcAjHauz2dvp7yC22ZbqZ2ch4uZhSmrG1r-AT4vil3QLYcXLaE2X6Y4cv0Ci1HgkwVkHFdnWX1IT4HK4Q6qn-fISlRX_8stLLXSDDKIbVwvWzATwWrS4451MwbZdr0YmqBpPXS4wBfPkafuKQNKLwfoK4skPbeEiXO4_SUqAp77uAAI8VcSc8Udo2fTxqyCYVKYts9YRbk_h4zSPomFR7zsjNAEaRM1t7ANHNv_jmGUJ90IE5O1S7M4iZIY3QTmJrWNPdwgRbJXpj_d7CtBeaVAcsLMMAmd3htJ0tHp_YrgvdlzIFnU0rm9960Up3XoMPbHpVpl_gaw09k8v5pvzvoDUtPmOUABZ6eHmG_GPdVUNJ-MN-b7wfWVJKs9KXzAKrjJTmmPrU4ws3RSvTb1KWvrS69aqAYURr81nFio4QnEJurc4HkXI_NGhPSus0OKq74DS2EqTsTiaOqEAiAm6OhTSG2-Qm8WEhbFkosGXZilXFIFG0R5zU1171KDuSNiXXFOVyRyeqH4xNzx9kgvUsU-o9DDrxVi1WmYtfP4fdJyk2-sNs4-2toijbrYPrttzbjWVR87290J1OoYdsQxafER1QMfI1QSWKkbMelrl32YcMFHMqMbOvmwfICM8sUD87qpI7bc2MjW5mw4b1d_c7yfdc2nh5E1e574HZYWRomoS_hnbrDeFoJtvubZwC9IUIbybedic6I1k6X2p19WtG3xhHelsu35kFMVVUpNnA1LKHZp8HSxzxqA9j2A-O4DeZeItjzx7vVFkGP1-JAck9AaWZQTvrdHSKm-D8uAlOcNkkd8tkKo1auVJVBZy9NQVbv-v170vT4XpC2LW7YAbtW5w1mwFYz5AlJ2uI5ctCovRYtz0TOZvapT_ruUUjjjFK5QE6opvAPL383s0zFJTogG5ryW4ZGY2WlL8a2Js_LEzZ45t8e43brq2Mxf56vdI5XaFwZIuFqFm_JcPQECRtiXMQaJM0mXP9tY_n39Vfy_7TuxS55LeWgf5F_w6_IdHBUM68hUr7lKdCRHgvKXllgPiApcbHkcA2QnhWeUCcn6RLQPffxF83C-sYWFcXl1m9Oz0qBkQYnkCyOFQzcOgmAW-OtbjnJiQqpRiExPmYO3qB_fsq_7fCqUWWwQ0Gj4cuAyTbgWpVczHA1aRS7PWcrpnYAr8gJJiy7VmIaYbP-yr6acw8djUG4gUHPaxIfxAe3p8AlIvi6162ywp5aUoRv4CBs1CqCK6Nfs_uuQJC5SisNgDk_YqM1Ic9clGZUVD7pvpfELe6QJRg-qbcx3uZ-vKDklXZocNGG7aIOGL_cPpPj8T2lkS3SQj1AaBuyBryiGIBBYdbSFK3K2y26A4n2-HqhZABvXdyVbtok8evNwDLKptgKZzuOXSCjUtFWOJfTUMLTm9hf47c3AkaZI_r7XZgTytQ97NbZ-_gq9CrOnJeueMq0eIO1RhbEE4_SN6SBpU0aMGEf1SMjYHtnCBQMRkTzMunC5Yu_gyZi1k74bBd0RpdwunOyCbWIQ4A45d3WGcPR8v14smDGbxQvXhG0trGzv08IyaPTTQz5k3PbaXeQljvhcJEkC4ETuCO8gpoly8xRmc48zl-JuO1VXc70Dv6_sAc18zwFlxSNWzOXceVOlAkrHU6uASQuCHa0KNJ2bvVzhBN57mLvSDegUbG2bJzwaISKbk13xBbw3Qh81caP4Wp2T0KFWCCUkqyEvoqJub9ySDgadWdQjBC7z--0fI8lu2Ji9jVMX1aP1ny9U0iC0fpFUWm6N1H5NgWg_EevLJeekRyhuLeN2ZFYiuSluqrFYHUh20Va1Yx61DSWV7YQKDF9245wWnuUwM4OHbvBOfmhop6TTaL656dKS_px3O9tEFKrDJkFBOhIMQ7onOR8f4mD_0xE5mj2Hi-HLeShYr_8VFO5qclEou-9qggtNM730TNAL8fb9MJQ7ujPtxrW_--tsKflRviO7hD1r5E2QaVDOY7Hf_hz-M0Gg3cQYj90xkKIoktGZmC-kkOGkpsNrObQbqjZXYW3K0KLbZYK0kr-grua1kNy&cid=CAASEuRo7_kgnIEjyV5ZAtR0CXKO-g&rfl=1%2Chttps%253A%252F%252Fwww.macobserver.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:03:20 GMT content-encoding gzip x-content-type-options nosniff age 126 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 28 Jan 2022 06:03:20 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 8A4F	0 571 B	60ms 37ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_qw7lidD-RV4t-_XHfdAinjcz2GSL4emcmMeAVOnSMKIjt2_feSCTvnQUrISjisAb27WhWwPAmpIO6-lrF49ZT6P4zzec74zykoPl4av1kUmCnkkDgOYGmiMNlfmIOrqIRerKgZPpS1ugb7H9-Gahs8ZtEE0XH214epnplUnPrvIi6brrk0C14qgVkWjL38qv7xWX9XUPVxuWZK9IxM2r0iTSnt3uP7CUZCGad2O5W2bUDURp3kjnHonlB2l4j9hZQkLV9b8vuCtEx3IQ_o6zSFhjeo66qWBTTaY0O6Wp47OVfb9-HStBoxfVw-yyeQ3A2rHEho4DD2UPNdcZ7kL0UQp-RFhsI6WIYgNcGxAMvmNLA3B_hOT1AhzV9qcCxVG5O931UJ0H8hCI-RLse2twhz7mlB1_yZC3Xgko6Q9_ArIMG0NhmOsuu6q8K_aD-UV9t3tpi-b8Pjy51FO9GHopp4qpzmtHqmMPYt_18OKJSjkWLeged_EwM1G-mn7FqVcq2z2Pm4EjJACqwtYxuPYUK87l21_aBuYcgK4qnwHUuP2nyHj9xFnUXGGGDz18BaSdS3FAmOc0poWbVi59aWODFEElncp3LkU9sRQyHOCLcU9GcUfLde4vhwmqks15qC022RhiWH5LcoW5QcPPv3EtbRL3B8tcStBbbGWjQ_ICzlK-vGGqybknpEH_2gn8VA-SVrPpWYIVw_gh0njYPosdj6WW0eSmn0lnK2AkUsqx4WKEQhAMGUKMkRTwROdxKXFDUcrz5EW0pUaZd3aLPgMNHbgoKo8IwIV5AqIqOmra_w0jrS0yyVI5PqtWvQlmiBweuaAKUS_KGV-W7cb41KCz9LDw9fVlKIhporOqqBJ-UlaU7fcFIIl3lhmyYEZEU72v1c4IlLmB5dHrk2NSGVdSnO9jgqCKfdQ89d0slpQxKVXyfZsCkQraIxURfkOwfTmDFC0sI-xyVVRJGYJ3Kp_QQ5XId_10YlGJV22r2BXhbmV5qOMWWrN6GVUSor6WuJh7whH-_jQ7Wxp0LQ__kJK6FkbWGVakbRTn3_TGppU4_PRYq9mqW8ZBXRzLGnTvjPSat8560yexeCQ0fu2ZYQVVtgSu0bNuEofSR7wuGKlD97pQNMG8Zn5SBO0oZfFs0-H3_SRG58OGs7ydk3W53yIMzGjfQDKu45E56l-k7nuELu_ZVJYAm1OtBxoz0F0sRwJQ02VuTWJUmDsw5L_10AckUnZez3m0j3rymE5vtafazxdkfuyfbAxJZvM4mtdulf9JGAk0hO2AqfN2BnVcnBtZYtieoB42VN7fJxUHIYR5&sai=AMfl-YTyvsVDuCNfEZut6-fz6muk0khbn4wH_88HlYdZNYw9cMXr3fDcKq0JYyVBoQdx1ji-eKQx_fgewea9qC78wHkTQfX6nFQMsYtD6rQWeceiUsA9pwbxQZZlh808FOd1bp28yhTl9ZiXK22v6YQ5hmcLbFQ5b8csb58XukWFmo-sSTCgvBnyyw&sig=Cg0ArKJSzLUkbRTgq4dZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220112.72461&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxJi7IkYUG1_zvfqsmjnVKwMpUOgWtoth-WfnbGrci_tU6k2QYlI-_dv__NdOis0MiUl56GEMXJE7aJQhoypZbr_Wuz_LpQtiM9BoiZoqoFjVbxL1ahMvRe7b4N31PZZgkOVje-AG0K47-VNeeitPE79K0Og&dbm_d=AKAmf-C9hMUiy2sEmcivnLzN1RCsxv-yJCUhi16hwRkulfZwZGAvKA-p649ENWKwseihAbktrKXhXei_GJq1Se78uk_u4sFQix18t2Ur8N_FqPBtJp7fqGFtBQaTdMmOZZ9fLnHmsjbxJfMAQyjrWx811aYDha5K6LinA-PeyySPC7Ue-k4W9LtHlie4198s51q1EdJKHi0fYZ4YdjRuiMNoEUK5BeYT9ljRbEhBUuriRf_JMsdGK8_R2b9lqlyQd0mzSEF7noUNzd_ojNApYKYJBMbDAxl7k3XO5_s4xQLqReBMF9eolUdBxkCbOTeobCZPg1Lbi-2cIW7X3oBK7rj_q9nLfpGKAa9jarzxfmKmqNp3mgiaq5CKXRpd49Ubnf3S7iUe4p3zFSZM4lfN-wAODkx_xTkaaRjZ59Y7teoKTeWqozjqZnXx5WxcU1ZuMmkJYcDsKZv-BZKU6fSeEHEKtdg-fvG-Mf-_M5272olDGucKZizwylIgD4dYnt80YIrZvkJfDwZ1MCirr_QuDLZYu2vZPVHDznPw9p-YvJ6_12dHI4w8TgcRKysLrTOoxhYizpzDjUq0kq3YrnikmYxWbtSfCGFi4DMteXN-1D7tFI9oi5434Ye-Ei8UjagOgpeAHmVaFeTe9_HtcKKKkhuMl2xLA5Z10As1T6wg_kBKRZdGa547bxoWZ_AlIe9l0OCWRTSWSwZjq2ng66TTfskqnO-MpY6KSMDOo50sAmt8oo_cLH2ItvrgSNlPNSpJgQ9zUZ212slmUAw4_ygh95p3legie1RGshsMWmoIunSQOdoREkDUHTou9_7zaaC1blA0C9OTRHp6m-RLiMNhioyX5pKrxHSEHTpOpmsgEk4LxajDLJDMYbhcJwDcyin_l_LKWWPrNBzTpu00Ogxk-kPy1ma5V8uEGRxe97-mCV9_jAfCO_8-WT106Yn6NRqRYt--75c8MknkWq3tFymwePTYtGQP7upKKS-dGC2m_cbNQt58548L7iGpDga1T77tNqs7tE0GaJr0dYsy-vou0YeVNCfg7bOnu_tTZdr2J4JnOULUqi7LzXiZRb9d4NpcAjHauz2dvp7yC22ZbqZ2ch4uZhSmrG1r-AT4vil3QLYcXLaE2X6Y4cv0Ci1HgkwVkHFdnWX1IT4HK4Q6qn-fISlRX_8stLLXSDDKIbVwvWzATwWrS4451MwbZdr0YmqBpPXS4wBfPkafuKQNKLwfoK4skPbeEiXO4_SUqAp77uAAI8VcSc8Udo2fTxqyCYVKYts9YRbk_h4zSPomFR7zsjNAEaRM1t7ANHNv_jmGUJ90IE5O1S7M4iZIY3QTmJrWNPdwgRbJXpj_d7CtBeaVAcsLMMAmd3htJ0tHp_YrgvdlzIFnU0rm9960Up3XoMPbHpVpl_gaw09k8v5pvzvoDUtPmOUABZ6eHmG_GPdVUNJ-MN-b7wfWVJKs9KXzAKrjJTmmPrU4ws3RSvTb1KWvrS69aqAYURr81nFio4QnEJurc4HkXI_NGhPSus0OKq74DS2EqTsTiaOqEAiAm6OhTSG2-Qm8WEhbFkosGXZilXFIFG0R5zU1171KDuSNiXXFOVyRyeqH4xNzx9kgvUsU-o9DDrxVi1WmYtfP4fdJyk2-sNs4-2toijbrYPrttzbjWVR87290J1OoYdsQxafER1QMfI1QSWKkbMelrl32YcMFHMqMbOvmwfICM8sUD87qpI7bc2MjW5mw4b1d_c7yfdc2nh5E1e574HZYWRomoS_hnbrDeFoJtvubZwC9IUIbybedic6I1k6X2p19WtG3xhHelsu35kFMVVUpNnA1LKHZp8HSxzxqA9j2A-O4DeZeItjzx7vVFkGP1-JAck9AaWZQTvrdHSKm-D8uAlOcNkkd8tkKo1auVJVBZy9NQVbv-v170vT4XpC2LW7YAbtW5w1mwFYz5AlJ2uI5ctCovRYtz0TOZvapT_ruUUjjjFK5QE6opvAPL383s0zFJTogG5ryW4ZGY2WlL8a2Js_LEzZ45t8e43brq2Mxf56vdI5XaFwZIuFqFm_JcPQECRtiXMQaJM0mXP9tY_n39Vfy_7TuxS55LeWgf5F_w6_IdHBUM68hUr7lKdCRHgvKXllgPiApcbHkcA2QnhWeUCcn6RLQPffxF83C-sYWFcXl1m9Oz0qBkQYnkCyOFQzcOgmAW-OtbjnJiQqpRiExPmYO3qB_fsq_7fCqUWWwQ0Gj4cuAyTbgWpVczHA1aRS7PWcrpnYAr8gJJiy7VmIaYbP-yr6acw8djUG4gUHPaxIfxAe3p8AlIvi6162ywp5aUoRv4CBs1CqCK6Nfs_uuQJC5SisNgDk_YqM1Ic9clGZUVD7pvpfELe6QJRg-qbcx3uZ-vKDklXZocNGG7aIOGL_cPpPj8T2lkS3SQj1AaBuyBryiGIBBYdbSFK3K2y26A4n2-HqhZABvXdyVbtok8evNwDLKptgKZzuOXSCjUtFWOJfTUMLTm9hf47c3AkaZI_r7XZgTytQ97NbZ-_gq9CrOnJeueMq0eIO1RhbEE4_SN6SBpU0aMGEf1SMjYHtnCBQMRkTzMunC5Yu_gyZi1k74bBd0RpdwunOyCbWIQ4A45d3WGcPR8v14smDGbxQvXhG0trGzv08IyaPTTQz5k3PbaXeQljvhcJEkC4ETuCO8gpoly8xRmc48zl-JuO1VXc70Dv6_sAc18zwFlxSNWzOXceVOlAkrHU6uASQuCHa0KNJ2bvVzhBN57mLvSDegUbG2bJzwaISKbk13xBbw3Qh81caP4Wp2T0KFWCCUkqyEvoqJub9ySDgadWdQjBC7z--0fI8lu2Ji9jVMX1aP1ny9U0iC0fpFUWm6N1H5NgWg_EevLJeekRyhuLeN2ZFYiuSluqrFYHUh20Va1Yx61DSWV7YQKDF9245wWnuUwM4OHbvBOfmhop6TTaL656dKS_px3O9tEFKrDJkFBOhIMQ7onOR8f4mD_0xE5mj2Hi-HLeShYr_8VFO5qclEou-9qggtNM730TNAL8fb9MJQ7ujPtxrW_--tsKflRviO7hD1r5E2QaVDOY7Hf_hz-M0Gg3cQYj90xkKIoktGZmC-kkOGkpsNrObQbqjZXYW3K0KLbZYK0kr-grua1kNy&cid=CAASEuRo7_kgnIEjyV5ZAtR0CXKO-g&rfl=1%2Chttps%253A%252F%252Fwww.macobserver.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 14 Jan 2022 06:05:26 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 8A4F	41 KB 15 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxJi7IkYUG1_zvfqsmjnVKwMpUOgWtoth-WfnbGrci_tU6k2QYlI-_dv__NdOis0MiUl56GEMXJE7aJQhoypZbr_Wuz_LpQtiM9BoiZoqoFjVbxL1ahMvRe7b4N31PZZgkOVje-AG0K47-VNeeitPE79K0Og&dbm_d=AKAmf-C9hMUiy2sEmcivnLzN1RCsxv-yJCUhi16hwRkulfZwZGAvKA-p649ENWKwseihAbktrKXhXei_GJq1Se78uk_u4sFQix18t2Ur8N_FqPBtJp7fqGFtBQaTdMmOZZ9fLnHmsjbxJfMAQyjrWx811aYDha5K6LinA-PeyySPC7Ue-k4W9LtHlie4198s51q1EdJKHi0fYZ4YdjRuiMNoEUK5BeYT9ljRbEhBUuriRf_JMsdGK8_R2b9lqlyQd0mzSEF7noUNzd_ojNApYKYJBMbDAxl7k3XO5_s4xQLqReBMF9eolUdBxkCbOTeobCZPg1Lbi-2cIW7X3oBK7rj_q9nLfpGKAa9jarzxfmKmqNp3mgiaq5CKXRpd49Ubnf3S7iUe4p3zFSZM4lfN-wAODkx_xTkaaRjZ59Y7teoKTeWqozjqZnXx5WxcU1ZuMmkJYcDsKZv-BZKU6fSeEHEKtdg-fvG-Mf-_M5272olDGucKZizwylIgD4dYnt80YIrZvkJfDwZ1MCirr_QuDLZYu2vZPVHDznPw9p-YvJ6_12dHI4w8TgcRKysLrTOoxhYizpzDjUq0kq3YrnikmYxWbtSfCGFi4DMteXN-1D7tFI9oi5434Ye-Ei8UjagOgpeAHmVaFeTe9_HtcKKKkhuMl2xLA5Z10As1T6wg_kBKRZdGa547bxoWZ_AlIe9l0OCWRTSWSwZjq2ng66TTfskqnO-MpY6KSMDOo50sAmt8oo_cLH2ItvrgSNlPNSpJgQ9zUZ212slmUAw4_ygh95p3legie1RGshsMWmoIunSQOdoREkDUHTou9_7zaaC1blA0C9OTRHp6m-RLiMNhioyX5pKrxHSEHTpOpmsgEk4LxajDLJDMYbhcJwDcyin_l_LKWWPrNBzTpu00Ogxk-kPy1ma5V8uEGRxe97-mCV9_jAfCO_8-WT106Yn6NRqRYt--75c8MknkWq3tFymwePTYtGQP7upKKS-dGC2m_cbNQt58548L7iGpDga1T77tNqs7tE0GaJr0dYsy-vou0YeVNCfg7bOnu_tTZdr2J4JnOULUqi7LzXiZRb9d4NpcAjHauz2dvp7yC22ZbqZ2ch4uZhSmrG1r-AT4vil3QLYcXLaE2X6Y4cv0Ci1HgkwVkHFdnWX1IT4HK4Q6qn-fISlRX_8stLLXSDDKIbVwvWzATwWrS4451MwbZdr0YmqBpPXS4wBfPkafuKQNKLwfoK4skPbeEiXO4_SUqAp77uAAI8VcSc8Udo2fTxqyCYVKYts9YRbk_h4zSPomFR7zsjNAEaRM1t7ANHNv_jmGUJ90IE5O1S7M4iZIY3QTmJrWNPdwgRbJXpj_d7CtBeaVAcsLMMAmd3htJ0tHp_YrgvdlzIFnU0rm9960Up3XoMPbHpVpl_gaw09k8v5pvzvoDUtPmOUABZ6eHmG_GPdVUNJ-MN-b7wfWVJKs9KXzAKrjJTmmPrU4ws3RSvTb1KWvrS69aqAYURr81nFio4QnEJurc4HkXI_NGhPSus0OKq74DS2EqTsTiaOqEAiAm6OhTSG2-Qm8WEhbFkosGXZilXFIFG0R5zU1171KDuSNiXXFOVyRyeqH4xNzx9kgvUsU-o9DDrxVi1WmYtfP4fdJyk2-sNs4-2toijbrYPrttzbjWVR87290J1OoYdsQxafER1QMfI1QSWKkbMelrl32YcMFHMqMbOvmwfICM8sUD87qpI7bc2MjW5mw4b1d_c7yfdc2nh5E1e574HZYWRomoS_hnbrDeFoJtvubZwC9IUIbybedic6I1k6X2p19WtG3xhHelsu35kFMVVUpNnA1LKHZp8HSxzxqA9j2A-O4DeZeItjzx7vVFkGP1-JAck9AaWZQTvrdHSKm-D8uAlOcNkkd8tkKo1auVJVBZy9NQVbv-v170vT4XpC2LW7YAbtW5w1mwFYz5AlJ2uI5ctCovRYtz0TOZvapT_ruUUjjjFK5QE6opvAPL383s0zFJTogG5ryW4ZGY2WlL8a2Js_LEzZ45t8e43brq2Mxf56vdI5XaFwZIuFqFm_JcPQECRtiXMQaJM0mXP9tY_n39Vfy_7TuxS55LeWgf5F_w6_IdHBUM68hUr7lKdCRHgvKXllgPiApcbHkcA2QnhWeUCcn6RLQPffxF83C-sYWFcXl1m9Oz0qBkQYnkCyOFQzcOgmAW-OtbjnJiQqpRiExPmYO3qB_fsq_7fCqUWWwQ0Gj4cuAyTbgWpVczHA1aRS7PWcrpnYAr8gJJiy7VmIaYbP-yr6acw8djUG4gUHPaxIfxAe3p8AlIvi6162ywp5aUoRv4CBs1CqCK6Nfs_uuQJC5SisNgDk_YqM1Ic9clGZUVD7pvpfELe6QJRg-qbcx3uZ-vKDklXZocNGG7aIOGL_cPpPj8T2lkS3SQj1AaBuyBryiGIBBYdbSFK3K2y26A4n2-HqhZABvXdyVbtok8evNwDLKptgKZzuOXSCjUtFWOJfTUMLTm9hf47c3AkaZI_r7XZgTytQ97NbZ-_gq9CrOnJeueMq0eIO1RhbEE4_SN6SBpU0aMGEf1SMjYHtnCBQMRkTzMunC5Yu_gyZi1k74bBd0RpdwunOyCbWIQ4A45d3WGcPR8v14smDGbxQvXhG0trGzv08IyaPTTQz5k3PbaXeQljvhcJEkC4ETuCO8gpoly8xRmc48zl-JuO1VXc70Dv6_sAc18zwFlxSNWzOXceVOlAkrHU6uASQuCHa0KNJ2bvVzhBN57mLvSDegUbG2bJzwaISKbk13xBbw3Qh81caP4Wp2T0KFWCCUkqyEvoqJub9ySDgadWdQjBC7z--0fI8lu2Ji9jVMX1aP1ny9U0iC0fpFUWm6N1H5NgWg_EevLJeekRyhuLeN2ZFYiuSluqrFYHUh20Va1Yx61DSWV7YQKDF9245wWnuUwM4OHbvBOfmhop6TTaL656dKS_px3O9tEFKrDJkFBOhIMQ7onOR8f4mD_0xE5mj2Hi-HLeShYr_8VFO5qclEou-9qggtNM730TNAL8fb9MJQ7ujPtxrW_--tsKflRviO7hD1r5E2QaVDOY7Hf_hz-M0Gg3cQYj90xkKIoktGZmC-kkOGkpsNrObQbqjZXYW3K0KLbZYK0kr-grua1kNy&cid=CAASEuRo7_kgnIEjyV5ZAtR0CXKO-g&rfl=1%2Chttps%253A%252F%252Fwww.macobserver.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 14:06:28 GMT content-encoding gzip x-content-type-options nosniff age 57538 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jan 2023 14:06:28 GMT
GET H2	200	15415592593835312196 s0.2mdn.net/simgad/ Frame 8A4F	45 KB 46 KB	48ms 8ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/15415592593835312196 Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fdcab2a2dc4034d463d393432fc82b60e4d6d005dc932aabfbfea16990d21ea1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 09 Jan 2022 06:07:44 GMT x-content-type-options nosniff age 431862 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46093 x-xss-protection 0 last-modified Tue, 06 Apr 2021 18:13:40 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 09 Jan 2023 06:07:44 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame CAD4	1 KB 749 B	7ms 6ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 date Fri, 14 Jan 2022 05:53:44 GMT expires Sat, 15 Jan 2022 05:53:44 GMT cache-control public, max-age=86400 age 702 etag 48472445140208031 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 8A4F	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ad008b15125deab77b1e3578fcf83be041e939281d18e310ef99cea93c525043 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 8A4F	0 23 B	46ms 31ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_qw7lidD-RV4t-_XHfdAinjcz2GSL4emcmMeAVOnSMKIjt2_feSCTvnQUrISjisAb27WhWwPAmpIO6-lrF49ZT6P4zzec74zykoPl4av1kUmCnkkDgOYGmiMNlfmIOrqIRerKgZPpS1ugb7H9-Gahs8ZtEE0XH214epnplUnPrvIi6brrk0C14qgVkWjL38qv7xWX9XUPVxuWZK9IxM2r0iTSnt3uP7CUZCGad2O5W2bUDURp3kjnHonlB2l4j9hZQkLV9b8vuCtEx3IQ_o6zSFhjeo66qWBTTaY0O6Wp47OVfb9-HStBoxfVw-yyeQ3A2rHEho4DD2UPNdcZ7kL0UQp-RFhsI6WIYgNcGxAMvmNLA3B_hOT1AhzV9qcCxVG5O931UJ0H8hCI-RLse2twhz7mlB1_yZC3Xgko6Q9_ArIMG0NhmOsuu6q8K_aD-UV9t3tpi-b8Pjy51FO9GHopp4qpzmtHqmMPYt_18OKJSjkWLeged_EwM1G-mn7FqVcq2z2Pm4EjJACqwtYxuPYUK87l21_aBuYcgK4qnwHUuP2nyHj9xFnUXGGGDz18BaSdS3FAmOc0poWbVi59aWODFEElncp3LkU9sRQyHOCLcU9GcUfLde4vhwmqks15qC022RhiWH5LcoW5QcPPv3EtbRL3B8tcStBbbGWjQ_ICzlK-vGGqybknpEH_2gn8VA-SVrPpWYIVw_gh0njYPosdj6WW0eSmn0lnK2AkUsqx4WKEQhAMGUKMkRTwROdxKXFDUcrz5EW0pUaZd3aLPgMNHbgoKo8IwIV5AqIqOmra_w0jrS0yyVI5PqtWvQlmiBweuaAKUS_KGV-W7cb41KCz9LDw9fVlKIhporOqqBJ-UlaU7fcFIIl3lhmyYEZEU72v1c4IlLmB5dHrk2NSGVdSnO9jgqCKfdQ89d0slpQxKVXyfZsCkQraIxURfkOwfTmDFC0sI-xyVVRJGYJ3Kp_QQ5XId_10YlGJV22r2BXhbmV5qOMWWrN6GVUSor6WuJh7whH-_jQ7Wxp0LQ__kJK6FkbWGVakbRTn3_TGppU4_PRYq9mqW8ZBXRzLGnTvjPSat8560yexeCQ0fu2ZYQVVtgSu0bNuEofSR7wuGKlD97pQNMG8Zn5SBO0oZfFs0-H3_SRG58OGs7ydk3W53yIMzGjfQDKu45E56l-k7nuELu_ZVJYAm1OtBxoz0F0sRwJQ02VuTWJUmDsw5L_10AckUnZez3m0j3rymE5vtafazxdkfuyfbAxJZvM4mtdulf9JGAk0hO2AqfN2BnVcnBtZYtieoB42VN7fJxUHIYR5&sai=AMfl-YTyvsVDuCNfEZut6-fz6muk0khbn4wH_88HlYdZNYw9cMXr3fDcKq0JYyVBoQdx1ji-eKQx_fgewea9qC78wHkTQfX6nFQMsYtD6rQWeceiUsA9pwbxQZZlh808FOd1bp28yhTl9ZiXK22v6YQ5hmcLbFQ5b8csb58XukWFmo-sSTCgvBnyyw&sig=Cg0ArKJSzLUkbRTgq4dZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&vt=11&dtpt=75&dett=2&cstd=0&cisv=r20220112.72461&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxJi7IkYUG1_zvfqsmjnVKwMpUOgWtoth-WfnbGrci_tU6k2QYlI-_dv__NdOis0MiUl56GEMXJE7aJQhoypZbr_Wuz_LpQtiM9BoiZoqoFjVbxL1ahMvRe7b4N31PZZgkOVje-AG0K47-VNeeitPE79K0Og&dbm_d=AKAmf-C9hMUiy2sEmcivnLzN1RCsxv-yJCUhi16hwRkulfZwZGAvKA-p649ENWKwseihAbktrKXhXei_GJq1Se78uk_u4sFQix18t2Ur8N_FqPBtJp7fqGFtBQaTdMmOZZ9fLnHmsjbxJfMAQyjrWx811aYDha5K6LinA-PeyySPC7Ue-k4W9LtHlie4198s51q1EdJKHi0fYZ4YdjRuiMNoEUK5BeYT9ljRbEhBUuriRf_JMsdGK8_R2b9lqlyQd0mzSEF7noUNzd_ojNApYKYJBMbDAxl7k3XO5_s4xQLqReBMF9eolUdBxkCbOTeobCZPg1Lbi-2cIW7X3oBK7rj_q9nLfpGKAa9jarzxfmKmqNp3mgiaq5CKXRpd49Ubnf3S7iUe4p3zFSZM4lfN-wAODkx_xTkaaRjZ59Y7teoKTeWqozjqZnXx5WxcU1ZuMmkJYcDsKZv-BZKU6fSeEHEKtdg-fvG-Mf-_M5272olDGucKZizwylIgD4dYnt80YIrZvkJfDwZ1MCirr_QuDLZYu2vZPVHDznPw9p-YvJ6_12dHI4w8TgcRKysLrTOoxhYizpzDjUq0kq3YrnikmYxWbtSfCGFi4DMteXN-1D7tFI9oi5434Ye-Ei8UjagOgpeAHmVaFeTe9_HtcKKKkhuMl2xLA5Z10As1T6wg_kBKRZdGa547bxoWZ_AlIe9l0OCWRTSWSwZjq2ng66TTfskqnO-MpY6KSMDOo50sAmt8oo_cLH2ItvrgSNlPNSpJgQ9zUZ212slmUAw4_ygh95p3legie1RGshsMWmoIunSQOdoREkDUHTou9_7zaaC1blA0C9OTRHp6m-RLiMNhioyX5pKrxHSEHTpOpmsgEk4LxajDLJDMYbhcJwDcyin_l_LKWWPrNBzTpu00Ogxk-kPy1ma5V8uEGRxe97-mCV9_jAfCO_8-WT106Yn6NRqRYt--75c8MknkWq3tFymwePTYtGQP7upKKS-dGC2m_cbNQt58548L7iGpDga1T77tNqs7tE0GaJr0dYsy-vou0YeVNCfg7bOnu_tTZdr2J4JnOULUqi7LzXiZRb9d4NpcAjHauz2dvp7yC22ZbqZ2ch4uZhSmrG1r-AT4vil3QLYcXLaE2X6Y4cv0Ci1HgkwVkHFdnWX1IT4HK4Q6qn-fISlRX_8stLLXSDDKIbVwvWzATwWrS4451MwbZdr0YmqBpPXS4wBfPkafuKQNKLwfoK4skPbeEiXO4_SUqAp77uAAI8VcSc8Udo2fTxqyCYVKYts9YRbk_h4zSPomFR7zsjNAEaRM1t7ANHNv_jmGUJ90IE5O1S7M4iZIY3QTmJrWNPdwgRbJXpj_d7CtBeaVAcsLMMAmd3htJ0tHp_YrgvdlzIFnU0rm9960Up3XoMPbHpVpl_gaw09k8v5pvzvoDUtPmOUABZ6eHmG_GPdVUNJ-MN-b7wfWVJKs9KXzAKrjJTmmPrU4ws3RSvTb1KWvrS69aqAYURr81nFio4QnEJurc4HkXI_NGhPSus0OKq74DS2EqTsTiaOqEAiAm6OhTSG2-Qm8WEhbFkosGXZilXFIFG0R5zU1171KDuSNiXXFOVyRyeqH4xNzx9kgvUsU-o9DDrxVi1WmYtfP4fdJyk2-sNs4-2toijbrYPrttzbjWVR87290J1OoYdsQxafER1QMfI1QSWKkbMelrl32YcMFHMqMbOvmwfICM8sUD87qpI7bc2MjW5mw4b1d_c7yfdc2nh5E1e574HZYWRomoS_hnbrDeFoJtvubZwC9IUIbybedic6I1k6X2p19WtG3xhHelsu35kFMVVUpNnA1LKHZp8HSxzxqA9j2A-O4DeZeItjzx7vVFkGP1-JAck9AaWZQTvrdHSKm-D8uAlOcNkkd8tkKo1auVJVBZy9NQVbv-v170vT4XpC2LW7YAbtW5w1mwFYz5AlJ2uI5ctCovRYtz0TOZvapT_ruUUjjjFK5QE6opvAPL383s0zFJTogG5ryW4ZGY2WlL8a2Js_LEzZ45t8e43brq2Mxf56vdI5XaFwZIuFqFm_JcPQECRtiXMQaJM0mXP9tY_n39Vfy_7TuxS55LeWgf5F_w6_IdHBUM68hUr7lKdCRHgvKXllgPiApcbHkcA2QnhWeUCcn6RLQPffxF83C-sYWFcXl1m9Oz0qBkQYnkCyOFQzcOgmAW-OtbjnJiQqpRiExPmYO3qB_fsq_7fCqUWWwQ0Gj4cuAyTbgWpVczHA1aRS7PWcrpnYAr8gJJiy7VmIaYbP-yr6acw8djUG4gUHPaxIfxAe3p8AlIvi6162ywp5aUoRv4CBs1CqCK6Nfs_uuQJC5SisNgDk_YqM1Ic9clGZUVD7pvpfELe6QJRg-qbcx3uZ-vKDklXZocNGG7aIOGL_cPpPj8T2lkS3SQj1AaBuyBryiGIBBYdbSFK3K2y26A4n2-HqhZABvXdyVbtok8evNwDLKptgKZzuOXSCjUtFWOJfTUMLTm9hf47c3AkaZI_r7XZgTytQ97NbZ-_gq9CrOnJeueMq0eIO1RhbEE4_SN6SBpU0aMGEf1SMjYHtnCBQMRkTzMunC5Yu_gyZi1k74bBd0RpdwunOyCbWIQ4A45d3WGcPR8v14smDGbxQvXhG0trGzv08IyaPTTQz5k3PbaXeQljvhcJEkC4ETuCO8gpoly8xRmc48zl-JuO1VXc70Dv6_sAc18zwFlxSNWzOXceVOlAkrHU6uASQuCHa0KNJ2bvVzhBN57mLvSDegUbG2bJzwaISKbk13xBbw3Qh81caP4Wp2T0KFWCCUkqyEvoqJub9ySDgadWdQjBC7z--0fI8lu2Ji9jVMX1aP1ny9U0iC0fpFUWm6N1H5NgWg_EevLJeekRyhuLeN2ZFYiuSluqrFYHUh20Va1Yx61DSWV7YQKDF9245wWnuUwM4OHbvBOfmhop6TTaL656dKS_px3O9tEFKrDJkFBOhIMQ7onOR8f4mD_0xE5mj2Hi-HLeShYr_8VFO5qclEou-9qggtNM730TNAL8fb9MJQ7ujPtxrW_--tsKflRviO7hD1r5E2QaVDOY7Hf_hz-M0Gg3cQYj90xkKIoktGZmC-kkOGkpsNrObQbqjZXYW3K0KLbZYK0kr-grua1kNy&cid=CAASEuRo7_kgnIEjyV5ZAtR0CXKO-g&rfl=1%2Chttps%253A%252F%252Fwww.macobserver.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame E6F6	22 KB 8 KB	8ms 8ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ Response headers cross-origin-resource-policy cross-origin accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Thu, 13 Jan 2022 14:06:54 GMT expires Fri, 13 Jan 2023 14:06:54 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 57512 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CAD4 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESELz5BTxMKDWKZnMvdQzRTCU&google_cver=1&google_push=AYg5qPKXUUWjgqXKXxepRxj0pmz7GG-rakAXK1MGnJ4Qh8LILJ5-UG6OwURFt9AfU-P5E4ZDJ9uKC956koyxNcftwF1hsmAkbLo https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk4NTUyMTE1NzM0MjI5MzQ3Mg==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPUve2E-QrokDXyB_BcEOw&google_cver=1	43 B 407 B	35ms 18ms	Image image/gif	2001:678:cb4:bbbb::11
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPUve2E-QrokDXyB_BcEOw&google_cver=1 Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Server 2001:678:cb4:bbbb::11 -, , ASN (), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-type image/gif content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPUve2E-QrokDXyB_BcEOw&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame CAD4 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEPMV6sTLzb1Q4vhCck2u9tY&google_cver=1&google_push=AYg5qPIQw2Gyf-897rjSufskO9Ex_HfLXa3yZxZJsJH8mrUgkh7giEHuJRmFzyAB3ishsZe6XfDz9SbQK8THu68C... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ObGvbo3bSwKu-F4pFop1WQ2&google_push=AYg5qPIQw2Gyf-897rjSufskO9Ex_HfLXa3yZxZJsJH8mrUgkh7giEHuJRmFzyAB3ishsZe6XfDz9SbQK8THu68CgY7OVDoR2bRC	170 B 188 B	18ms 17ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ObGvbo3bSwKu-F4pFop1WQ2&google_push=AYg5qPIQw2Gyf-897rjSufskO9Ex_HfLXa3yZxZJsJH8mrUgkh7giEHuJRmFzyAB3ishsZe6XfDz9SbQK8THu68CgY7OVDoR2bRC Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 14 Jan 2022 06:05:26 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.15.12 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ObGvbo3bSwKu-F4pFop1WQ2&google_push=AYg5qPIQw2Gyf-897rjSufskO9Ex_HfLXa3yZxZJsJH8mrUgkh7giEHuJRmFzyAB3ishsZe6XfDz9SbQK8THu68CgY7OVDoR2bRC x-host tde-deliveryengine-production-78c5c78457-kmdpp alt-svc clear content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame CAD4 Redirect Chain https://a.c.appier.net/gcm?google_gid=CAESEPMyav-CULM3MFo5C3OMlKs&google_cver=1&google_push=AYg5qPJpEniFiSBjK1Prm-oH9f0RwqtLTiW1EjnKVpagiqLyxP2oWl5miQPEkpn2327mO-iMx8-70_1me7BOGVOU8KqS6GbLIXM https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bXJ3amhWVkNBSk9kNEI2RXB4TGhZUQ%3D%3D&google_push=AYg5qPJpEniFiSBjK1Prm-oH9f0RwqtLTiW1EjnKVpagiqLyxP2oWl5miQPEkpn2327mO-iMx8-70_1me7BOG...	170 B 188 B	16ms 16ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bXJ3amhWVkNBSk9kNEI2RXB4TGhZUQ%3D%3D&google_push=AYg5qPJpEniFiSBjK1Prm-oH9f0RwqtLTiW1EjnKVpagiqLyxP2oWl5miQPEkpn2327mO-iMx8-70_1me7BOGVOU8KqS6GbLIXM Protocol H3 Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bXJ3amhWVkNBSk9kNEI2RXB4TGhZUQ%3D%3D&google_push=AYg5qPJpEniFiSBjK1Prm-oH9f0RwqtLTiW1EjnKVpagiqLyxP2oWl5miQPEkpn2327mO-iMx8-70_1me7BOGVOU8KqS6GbLIXM date Fri, 14 Jan 2022 06:05:27 GMT cache-control no-store server nginx content-type text/html; charset=utf-8 content-length 242 p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GET H3	200	pixel cm.g.doubleclick.net/ Frame CAD4 Redirect Chain https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEMCOL32xzRVuNsuU8qsT2y0&google_cver=1&google_push=AYg5qPIgPu19vBC4yEIEO_FWfCham8byHDJtda6b-QkQ9dPix2ja_NNlINg5owcE1W2fBKjUsFaVsyK_sGmlBZRdv1kB... https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIgPu19vBC4yEIEO_FWfCham8byHDJtda6b-QkQ9dPix2ja_NNlINg5owcE1W2fBKjUsFaVsyK_sGmlBZRdv1kBgMqoRKY	170 B 188 B	17ms 17ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIgPu19vBC4yEIEO_FWfCham8byHDJtda6b-QkQ9dPix2ja_NNlINg5owcE1W2fBKjUsFaVsyK_sGmlBZRdv1kBgMqoRKY Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 14 Jan 2022 06:05:26 GMT Server nginx P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIgPu19vBC4yEIEO_FWfCham8byHDJtda6b-QkQ9dPix2ja_NNlINg5owcE1W2fBKjUsFaVsyK_sGmlBZRdv1kBgMqoRKY Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame CAD4	0 478 B	68ms 14ms	Image text/plain	178.162.133.149
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJG53Wn3hS4sw3kRc6erKg9OHOWiZ-ahVovXvcTDRstf06NBW6NMzE_fyq-sqLlVwAwo022NYlEVnEL4fSphHG8BElSr-52%26google_hm%3D%5BUID%5D&google_gid=CAESEBvCm9wn-ppPa56nFpKALU0&google_cver=1 Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 -, , ASN (), Reverse DNS Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:26 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame CAD4 Redirect Chain https://cs.media.net/cksync?type=g&google_gid=CAESEMP2ChPYd05ebuXcO729eMI&google_cver=1&google_push=AYg5qPJRSj7j9OmnL_Kcwk1vK6VMDysEKG80jk9CONGtUzU57CyExO2eRdnbNIN1LHf5UQ5ybmCAGA_EJrrr4Rh7J3Tp8kR0AD1z https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&mn_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJRSj7j9OmnL_Kcwk1vK6VMDys...	170 B 188 B	17ms 17ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&mn_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJRSj7j9OmnL_Kcwk1vK6VMDysEKG80jk9CONGtUzU57CyExO2eRdnbNIN1LHf5UQ5ybmCAGA_EJrrr4Rh7J3Tp8kR0AD1z&gdpr=&gdpr_consent= Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:26 GMT Server Apache P3P CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Location https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&mn_hm=Mjg1MTQxOTI2NzU3Njg2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJRSj7j9OmnL_Kcwk1vK6VMDysEKG80jk9CONGtUzU57CyExO2eRdnbNIN1LHf5UQ5ybmCAGA_EJrrr4Rh7J3Tp8kR0AD1z&gdpr=&gdpr_consent= Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html Content-Length 154 X-MNET-HL2 E Expires Fri, 14 Jan 2022 06:05:26 GMT
GET H2	204	/ cc.adingo.jp/adx/push/ Frame CAD4	0 44 B	746ms 236ms	Image text/plain	52.198.4.47
General Check archive.org Show headers Download Go to Show image Full URL https://cc.adingo.jp/adx/push/?google_gid=CAESEJJO7fymnzlhRMOf2TE8Mbo&google_cver=1&google_push=AYg5qPKGuEUIrZdqp62fubtG1BKk47gpUskJR0MQr4JqzjhVpJnFvmD6YeL46GjDo8t0OC2HRK89ksVVgjkwadNYW3Ps0UhbBL0 Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.198.4.47 -, , ASN (), Reverse DNS Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT server awselb/2.0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame CAD4	0 12 B	15ms 15ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3NYh9eXO8Jbud8egh78PqZKDrZ1DMBvrSpNnSQsf6PtCrpabpYmAGEVxP0SiDQWYT9nlw Requested by Host: 23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com URL: https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js Show response pagead2.googlesyndication.com/bg/ Frame E6F6	35 KB 13 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 16:46:26 GMT content-encoding br x-content-type-options nosniff age 47940 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13579 x-xss-protection 0 last-modified Thu, 06 Jan 2022 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Jan 2023 16:46:26 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E6F6	0 20 B	30ms 29ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQuV_phLhYdGVB5aIgAe0gJiIDAAAAAA4AeAEAg&bg=!LS6lLmrNAAaocxMpqHM7ACkAdvg8WpN04dWgQP5XBRybBzfwN-UlTWhgC3lBwXZm_awOU_V5hA2cBgIAAABjUgAAAANoAQeZAx_hXKSLDcuFAp6bup3nISfFKv1DysaZ8Qbtc0j2mEBspTGPhKNmWhLAWeUGMbBHoB1_72oDdGjUYDNctZn2BKgkIHCxncnLn7McnpfvSJWh0bstTAO6MWd-B4g47fa_Fejg1osvXZ9Bh-6ABTZ9hTBlR1ZemXKlxqyQe9gw3ypGDeLGuRnKGuitpHsJ0-efZCcyN2sXtLJWpSmItnzG5VWwcW-R3nGSXi3FKjJPLLTA8156eizxNxDWhDndvwvvUSgr6Y9C8JfMHXk7B0KGHvwsnMzqyQ8sgaumNsJ7C2KuV_CvwkYXXFCSqDHqThZyxCKTpf5GulF5zOyTxoExdZSrQyv0N63Uw2EYVT6dyGdOQvamVXFsrBMM7zwKAhwC4QMIP90puqcy4VxWZf4LQYqfPyJG7ydVslEF0sssHtTG7UNlc0kcxim5zE6XQ_i_I55hzQfuPzSMiBFQmM2WRyC7XEshwpbhSfC7N0z2uxVfRmO1nSb7taLS795whrCrGcgyG6DtsLqPYoUO0cz0e5QJJ8JoEUbFWkS1lr8WfxrBssA3RErqWV7sBkOELe2CTOQM2WAMXwgdqE1Spm_808B0n-xZ_dy7-j22uriwDbklrqo8aKWSctI1aL9LC6wI6cflrnqz12bLxIWY6AJj-W77xd591MDNTlcq4SF7nF6jtc9K_udqmTLCZJL4TxfBCWXNPqWXK5kpmbiWMIJHS4dUXW5nP7p_4KdvFEkYWySSRsIg6XecVhBxQ9WJXkbKHA7Q8SLBl74BLJUANSNO3WqPyEKCfGPqfMb65K6H1gqF9M3G176Ljq_SXWhfr-NFiICeDNclzlnN5JaH28jkVgAmyG3PF6MvNPmZ-ASF7M8NU45Xv0UUgko8WMMrmnuCd-6fy4Hb8GGSH4CdOr3qKO7mTAYiMhFpisy_ZgQpfq85Mw5bE5crjiYpizM5d_COmxQz5pR_PGgTh7a4p8RGxw0yfE9Tict2b2n0E6Rj0NlnyEWKpY2uFidmA08Qs75z7BvahxRMbEySrbFT_twIeT1nvHrq-zb_C6CD9uCwg7SD Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery-migrate.min.js Show response www.macobserver.com/wp-includes/js/jquery/	11 KB 4 KB	18ms 17ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=1a&ver=3.3.2 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash cc129262a38049aa808d5bf97d37ca214e33a558d2d8869d7638d53e78108166 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;da7a9fcbd91ad485f7429887111672a1;2-317836-5;82fdbef5-25a7-48d2-5cd5-257f03f204b5 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 4085 response 200 last-modified Fri, 14 Jan 2022 00:11:24 GMT server nginx etag "2bd8-5b60edbd529ed-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.16% 11738 / 11757
GET H2	200	widgets.js Show response www.macobserver.com/ezossp/unknown/platform.twitter.com/	102 KB 28 KB	42ms 41ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/ezossp/unknown/platform.twitter.com/widgets.js?screx=1&sxcb=1a&ver=5.8.3 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ac6e18aede2c2a5e90ca4c0ec13b86510b0cd95bf1687bfe7b88b3f491935450 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br etag "b607db789ce85f01d2c97329a89acfde+gzip-gzip" age 165 x-ezoic-cdn Hit ds;mm;c4fd5b4bc75859f32aff7b91a33ac78f;2-317836-5;5e3b3064-8ecd-4110-4d2a-91ae16877dce x-cache HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-middleton-display staticcontent_sol access-control-allow-methods GET x-middleton-response 200 last-modified Fri, 14 Jan 2022 03:48:28 GMT server nginx x-origin-cache-control public, max-age=1800 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin x-tw-cdn VZ content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1800
GET H2	200	jquery.fancybox.min.js Show response www.macobserver.com/wp-content/plugins/observer-plugin/javascript/vendor/fancybox/	67 KB 21 KB	34ms 33ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/javascript/vendor/fancybox/jquery.fancybox.min.js?screx=1&sxcb=1a&ver=3.5.7 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 92aca7be60e920d9ed6c262967ac52a71de05a14aa5bc454665a5d4f6f40e4bb Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br etag "10a9d-5cfc5b17364e3-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 03:48:28 GMT server nginx display staticcontent_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;6246e60d7e6fa4d4afa3ae814a9e1aa2;2-317836-5;1e2a0c27-5d9e-41f6-52ac-ad13c675a9d6 content-type application/javascript x-middleton-display staticcontent_sol cache-control public, max-age=31536000 x-ez-minify-js 0.44% 68399 / 68702 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H2	200	observer.min.js Show response www.macobserver.com/wp-content/plugins/observer-plugin/javascript/	3 KB 1 KB	18ms 17ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/observer-plugin/javascript/observer.min.js?screx=1&sxcb=1a&ver=1.0 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 178dda9e8c2264e15ab2b450b862cbeda04780c1a222fc44d53f8c353aeee759 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;608650b75e514e0acbef6b94e3423cd7;2-317836-5;e0243020-6b0b-4341-483f-88d1f48f66a2 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 1083 response 200 last-modified Thu, 13 Jan 2022 09:11:17 GMT server nginx etag "c90-5cfc5b173709b-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.00% 3233 / 3233
GET H2	200	wp-mediaelement.min.js Show response www.macobserver.com/wp-includes/js/mediaelement/	906 B 560 B	19ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?screx=1&sxcb=1a&ver=5.8.3 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;611b07a1cdded8128101625477c56c4e;2-317836-5;2d56f9fc-5dc1-47f8-7c83-e3223dbb2984 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 393 response 200 last-modified Fri, 14 Jan 2022 03:48:28 GMT server nginx etag "38a-5bafd388be6ca-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.00% 906 / 906
GET H2	200	wp-emoji-release.min.js Show response www.macobserver.com/wp-includes/js/	18 KB 5 KB	19ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 5c3c4b20f3096c37f00d79fe0c4234f888926728ba3eddd94c8d6395266741f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br etag "4705-5c791e3938366-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 03:12:23 GMT server nginx display staticcontent_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;a60f4187f6a9d74f7d5aaafb410e4859;2-317836-5;579b7fb7-c341-4d47-7245-6cc03d34edb7 content-type application/javascript x-middleton-display staticcontent_sol cache-control public, max-age=31536000 x-ez-minify-js 0.48% 18094 / 18181 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H2	200	related-posts.min.js Show response www.macobserver.com/wp-content/plugins/jetpack/_inc/build/related-posts/	6 KB 2 KB	16ms 16ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?screx=1&sxcb=1a&ver=20210930 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash c2fe75f86f48ab252149f5ee1d9aa2a753c4c086f6d87f0f0aa88805974015e1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;74b8140b30fd03cfdda9047d491bf9c3;2-317836-5;b2a41c98-c87d-4cc3-5c27-41cd74fac851 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 1731 response 200 last-modified Fri, 14 Jan 2022 00:11:24 GMT server nginx etag "1670-5d29316154b06-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 1.95% 5632 / 5744
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 26 KB	23ms 22ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 09f5c42f77200ab2b9f12234ab66327e8539dd66f645f02a63354bb6ced103fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26924 x-xss-protection 0 server sffe etag "1101 / 233 of 1000 / last-modified: 1642115158" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 14 Jan 2022 06:05:26 GMT
GET H2	200	/ Show response www.macobserver.com/news/transcredit-leaks-800000/	3 KB 1 KB	29ms 28ms	XHR application/json	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/news/transcredit-leaks-800000/?relatedposts=1 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?screx=1&sxcb=1a&ver=20210930 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / PHP/7.4.22 Resource Hash d7e5dd5f4d0b24aefb789d3d863ee8909865cc80c32d5823ee8b690d6f4f6792 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.macobserver.com/news/transcredit-leaks-800000/ x-requested-with XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br x-content-type-options nosniff x-sol pub_site display staticcontent_sol x-powered-by PHP/7.4.22 x-ezoic-cdn Hit ds;mm;adcb6ee982939a4185b04c28aafccc7f;2-317836-5;22754934-bedd-4f14-4cad-9d7067776ebd x-middleton-display staticcontent_sol x-middleton-response 200 content-length 1039 response 200 server nginx x-origin-cache-control vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/json; charset=utf-8 cache-control public, max-age=2592000
GET H2	200	jquery.min.js Show response www.macobserver.com/wp-includes/js/jquery/	92 KB 30 KB	38ms 37ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=1a&ver=3.6.0 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 4694b38beb61e9b20e4e0c9a1172b8e4ae7037f7097ac272270294f211dc8ba0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br etag "15db1-5c791e393874e-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 03:48:28 GMT server nginx display staticcontent_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;a256cde75bdb1e011abc4f572a9d9b92;2-317836-5;3b7f6cef-44f6-49fa-5b7c-4b53eb33a8d2 content-type application/javascript x-middleton-display staticcontent_sol cache-control public, max-age=31536000 x-ez-minify-js 0.14% 93750 / 93877 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	18ms 17ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	17ms 17ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	345 B 174 B	386ms 385ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=2413836769965497&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid1%3D8961983148080399%26eid%3D8961983148080399%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dmacobserver_com-medrectangle-2-8961983148080399%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D100%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C14%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C20%2C17%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D180%26reqt%3D1642140325131&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326139&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=2077988210&ucis=5&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash d4ea2656d5165cfb19b7a20969660520389bd64e3054839761b8b8c20065f8e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 145 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	data-leak.jpg i1.wp.com/www.macobserver.com/wp-content/uploads/2018/06/	22 KB 22 KB	24ms 7ms	Image image/webp	192.0.77.2
General Check archive.org Show headers Download Go to Show image Full URL https://i1.wp.com/www.macobserver.com/wp-content/uploads/2018/06/data-leak.jpg?resize=350%2C200&ssl=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 -, , ASN (), Reverse DNS Software nginx / Resource Hash 993e66f4a6f1019e89e526046ccd86545a7889c30688e8d683a650466872fda7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-nc HIT hhn 4 date Fri, 14 Jan 2022 06:05:26 GMT x-content-type-options nosniff last-modified Fri, 07 Jan 2022 07:57:15 GMT server nginx etag "1b9244579ba559a4" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.macobserver.com/wp-content/uploads/2018/06/data-leak.jpg>; rel="canonical" content-length 22140 expires Sun, 07 Jan 2024 19:57:15 GMT
GET H2	200	att-data-hack.jpg i0.wp.com/www.macobserver.com/wp-content/uploads/2021/08/	5 KB 6 KB	43ms 14ms	Image image/webp	192.0.77.2
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.macobserver.com/wp-content/uploads/2021/08/att-data-hack.jpg?resize=350%2C200&ssl=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 -, , ASN (), Reverse DNS Software nginx / Resource Hash fb4568575eef4a4bc3b429414f76de966fbcc664094966607f53f233a327dc35 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-nc HIT ams 4 date Fri, 14 Jan 2022 06:05:26 GMT x-content-type-options nosniff last-modified Wed, 12 Jan 2022 00:06:29 GMT server nginx etag "be138391746563fc" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.macobserver.com/wp-content/uploads/2021/08/att-data-hack.jpg>; rel="canonical" content-length 5442 expires Fri, 12 Jan 2024 12:06:29 GMT
GET H2	200	workfeatured-data-breach-leak-hack.png i1.wp.com/www.macobserver.com/wp-content/uploads/2019/02/	77 KB 77 KB	31ms 14ms	Image image/webp	192.0.77.2
General Check archive.org Show headers Download Go to Show image Full URL https://i1.wp.com/www.macobserver.com/wp-content/uploads/2019/02/workfeatured-data-breach-leak-hack.png?resize=350%2C200&ssl=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 -, , ASN (), Reverse DNS Software nginx / Resource Hash 821e7ffce675a56ca2eabe98561361438a74f6d88c702d62bb79ce42bb61133d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-nc HIT hhn 3 date Fri, 14 Jan 2022 06:05:26 GMT x-content-type-options nosniff last-modified Wed, 12 Jan 2022 07:01:30 GMT server nginx etag "828fa88eb2b0c4fa" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.macobserver.com/wp-content/uploads/2019/02/workfeatured-data-breach-leak-hack.png>; rel="canonical" content-length 78908 expires Fri, 12 Jan 2024 19:01:30 GMT
GET H3	200	ads securepubads.g.doubleclick.net/gampad/	337 B 165 B	389ms 389ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=437260010543939&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D200%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1642140325152&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326163&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=962&adys=300&adks=3431401827&ucis=4&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 136 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads securepubads.g.doubleclick.net/gampad/	337 B 165 B	450ms 450ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=2655261539962054&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C1%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D200%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1642140325154&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326170&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=300&adks=32735598&ucis=2&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 136 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	337 B 165 B	353ms 353ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=1821655034175827&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C1%257C%26iid1%3D3936532464050530%26eid%3D3936532464050530%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dmacobserver_com-box-1-3936532464050530%26eb_br%3Dbf9a045b836005b6c23b7b0749249612%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D26%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C17%2C19%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D70%26reqt%3D1642140325161&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326177&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1235169102&ucis=1&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=644&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 4f090377e9a86ee87580847e1fe66310645932bf25a44351ca32811e44a28173 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 136 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	link-timestamp-public.js Show response www.macobserver.com/wp-content/plugins/link-timestamp/public/js/	5 KB 2 KB	20ms 20ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/link-timestamp/public/js/link-timestamp-public.js?screx=1&sxcb=1a&ver=2.3.2 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash bf427c12e4afee6334784737169246a007af2dded38e0983ebf7de3b82df7bd8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;3a5636206a5f34b7e07de8edf820594a;2-317836-5;d30ec2b0-0997-4a49-76f9-5bc7f24b78d0 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 1299 response 200 last-modified Thu, 13 Jan 2022 09:11:17 GMT server nginx etag "17f0-5cc7272a162b0-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 27.30% 4613 / 6345
GET H2	200	vimeoplayer.js Show response www.macobserver.com/wp-content/plugins/link-timestamp/public/js/	16 KB 5 KB	23ms 23ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/link-timestamp/public/js/vimeoplayer.js?screx=1&sxcb=1a&ver=5.8.3 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash cbf6f938fa245288f3b503ca41390a04d32e562b1c0aae536d29800436383086 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:26 GMT content-encoding br etag "40ba-5cc7272a162b0-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 03:12:22 GMT server nginx display staticcontent_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;18901c0d60c23f72f793750f31c41ce3;2-317836-5;71627f81-e7bc-4cdd-7d2c-55528db0ccdf content-type application/javascript x-middleton-display staticcontent_sol cache-control public, max-age=31536000 x-ez-minify-js 0.07% 16762 / 16774 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
POST H2	200	cookie_sync Show response pb-server.ezoic.com/	581 B 805 B	222ms 9ms	XHR application/json	18.196.33.99
General Check archive.org Show headers Download Go to Full URL https://pb-server.ezoic.com/cookie_sync Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.33.99 -, , ASN (), Reverse DNS Software / Resource Hash 93ae66599ab930c14226e3fcfb41291bb871b304321b4713997b18650cb72e21 Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:27 GMT vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://www.macobserver.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 581 expires 0
POST H2	200	auction pb-server.ezoic.com/openrtb2/	163 B 375 B	360ms 150ms	XHR application/json	18.196.33.99
General Check archive.org Show headers Download Go to Full URL https://pb-server.ezoic.com/openrtb2/auction Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.33.99 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:27 GMT vary Origin content-type application/json access-control-allow-origin https://www.macobserver.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 163 expires 0
POST		ortb bid.contextweb.com/header/	0 0
POST H/1.1	200 OK	bid ap.lijit.com/rtb/	94 B 749 B	300ms 94ms	XHR application/json	72.251.249.14
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.0.0 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.251.249.14 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Date Fri, 14 Jan 2022 06:05:27 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://www.macobserver.com Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap1ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 98
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 854 B	15ms 15ms	XHR application/json	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:26 GMT X-Proxy-Origin 193.27.14.24; 193.27.14.24; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid a8f5b21e-dbc2-44a1-85bc-c2feebdc9c08 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	hb hb.undertone.com/	0 452 B	501ms 294ms	XHR text/plain	18.66.248.80
General Check archive.org Show headers Download Go to Full URL https://hb.undertone.com/hb?pid=4009&domain=macobserver.com Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.80 -, , ASN (), Reverse DNS Software istio-envoy / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:27 GMT via 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront) server istio-envoy x-amz-cf-pop DUS51-P1 x-cache Miss from cloudfront p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV" access-control-allow-origin https://www.macobserver.com cache-control private, max-age=0, no-cache access-control-allow-credentials true x-envoy-upstream-service-time 1 x-amz-cf-id zIAiBglMQUabEXjbpFW1o4g7BfmlClNmHwjFH6F10TiQimGDT5EUqw== expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	282ms 76ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=36c33ceb-9b34-4dcd-9411-e764148c1b4f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.002199586838204315 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	285ms 80ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=481b3729-9fb5-415b-a1e2-d24b6b3be3cb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35066336933862163 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	271ms 66ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=874d993d-25a0-43bc-8c00-beef0ddedd96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5336637281783891 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	266ms 62ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=57f39e15-5b49-4104-b97d-0daa8b4ad3fc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.008951166211400574 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	437ms 233ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=3285ef1c-0eb4-4170-a05a-0cf70b121a82&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6202507112688327 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	272ms 68ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=1b3c3426-c3b7-4435-bbed-cd226d98e438&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0752495004592002 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	343ms 76ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=cc21e5ad-cf57-4513-940f-af6fedc68cfd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7785482287230574 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	4 KB 3 KB	344ms 73ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=b8664cf0-77c6-4ce6-b9b5-a305eb4daa57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04445761122336811 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 1912 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	240 B 1 KB	355ms 81ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=293cef1e-e793-4cee-af4b-8246c0cd7063&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4787641422577895 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 240 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	353ms 73ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=64774222-9f5c-4fcf-a68c-3be2377437cd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4090685962171057 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/	241 B 1 KB	361ms 78ms	XHR application/json	2602:803:c004:200::143
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,7edf3e09a35d92663cb9fbba8e3a5813,1,,,&eid_quantcast.com=P0-1491245777-1642140321154%5E1&rf=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=977aac5f-1602-450a-9ad6-57929f65c239&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03335107612891175 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::143 -, , ASN (), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.macobserver.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 366 B	211ms 17ms	XHR application/json	51.89.9.251
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 -, , ASN (), Reverse DNS Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://www.macobserver.com cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 228 B	224ms 36ms	XHR text/plain	52.49.194.251
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=6.0.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-medrectangle-4-0%22%2C%22callback_id%22%3A%22955307c2354be71%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-medrectangle-4-0_1%22%2C%22callback_id%22%3A%22964d4bf8fbdadc4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-medrectangle-4-0_2%22%2C%22callback_id%22%3A%2297c27d29b862388%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-box-2-0%22%2C%22callback_id%22%3A%22985cc6fba7e0da9%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-box-2-0_1%22%2C%22callback_id%22%3A%2299a7de2672cb764%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-box-2-0_2%22%2C%22callback_id%22%3A%2210081eceef5e89d%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-box-4-0%22%2C%22callback_id%22%3A%2210101be1c4f198fe%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-medrectangle-2-0%22%2C%22callback_id%22%3A%22102cf9f5c9f9bdc1%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-medrectangle-1-0%22%2C%22callback_id%22%3A%221037e545960eafd2%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-large-mobile-banner-1-0%22%2C%22callback_id%22%3A%22104439647e4ba35c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-macobserver_com-box-1-0%22%2C%22callback_id%22%3A%22105f689719696e3c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%5D&page_url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&bust=1642140326293&pr=&scrd=1&dnt=false&description=Jeremiah%20Fowler%20together%20with%20the%20Website%20Planet%20research%20team%20found%20an%20unsecured%20Transcredit%20data%20leak%20of%C2%A0822%2C789%20records.&title=TransCredit%20Data%20Leak%20Over%20800%2C000%20Records%20of%20Credit%20Reports%20-%20The%20Mac%20Observer&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%227edf3e09a35d92663cb9fbba8e3a5813%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22quantcast.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22P0-1491245777-1642140321154%22%2C%22atype%22%3A1%7D%5D%7D%5D Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.194.251 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.macobserver.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.macobserver.com pragma no-cache date Fri, 14 Jan 2022 06:05:27 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
GET H2	200	army.gif Show response www.macobserver.com/porpoiseant/	0 42 B	15ms 14ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk3ODU3NjQ0MDgyNzkwIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidW5pdCI6ImRpdi1ncHQtYWQtbWFjb2JzZXJ2ZXJfY29tLWJveC0yLTBfMSIsInRfZXBvY2giOjE2NDIxNDAzMjEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyOSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjE5ODMxNDgwODAzOTkiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ1bml0IjoiZGl2LWdwdC1hZC1tYWNvYnNlcnZlcl9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NDIxNDAzMjEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyOSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:35 GMT
GET H2	200	army.gif Show response www.macobserver.com/porpoiseant/	0 134 B	11ms 10ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzkzNjUzMjQ2NDA1MDUzMCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiLTEifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6Ii0xIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzE1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIzMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk3ODU3NjQ0MDgyNzkwIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidW5pdCI6ImRpdi1ncHQtYWQtbWFjb2JzZXJ2ZXJfY29tLWJveC0yLTBfMSIsInRfZXBvY2giOjE2NDIxNDAzMjEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjYzOSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI5NjIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjE5ODMxNDgwODAzOTkiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ1bml0IjoiZGl2LWdwdC1hZC1tYWNvYnNlcnZlcl9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NDIxNDAzMjEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:27 GMT
GET H2	200	youtube_iframe_api.js Show response www.macobserver.com/wp-content/plugins/link-timestamp/public/js/	679 B 490 B	23ms 23ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/link-timestamp/public/js/youtube_iframe_api.js?screx=1&sxcb=1a&ver=5.8.3 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 33a16c50f4ff986f923cd5448f0dd3bfa8e57250d9b05462a018e5434b6a412d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;47f1c242a10e6860b5ac0e7b036bae1b;2-317836-5;8bf742e4-f709-490b-7f8d-90976d576e81 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 346 response 200 last-modified Fri, 14 Jan 2022 03:12:23 GMT server nginx etag "2e8-5cc7272a162b0-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 8.74% 679 / 744
GET H2	200	www-widgetapi.js Show response s.ytimg.com/yts/jsbin/www-widgetapi-vfl1Omgyb/	24 KB 9 KB	64ms 6ms	Script text/javascript	2a00:1450:4001:82a::200e
General Check archive.org Show headers Download Go to Full URL https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl1Omgyb/www-widgetapi.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/wp-content/plugins/link-timestamp/public/js/youtube_iframe_api.js?screx=1&sxcb=1a&ver=5.8.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash ffd9fa4c6fc1a96416536df517fa5edf7bebe6274cd0ea9a129e2b0860d7cae5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 03:40:10 GMT content-encoding gzip x-content-type-options nosniff age 181517 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8936 x-xss-protection 0 last-modified Wed, 23 Nov 2016 02:37:27 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=691200 accept-ranges bytes timing-allow-origin https://www.youtube.com cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 20 Jan 2022 03:40:10 GMT
GET H/1.1	200 OK	7e4a0112ddb2063022c76b3a4.js Show response chimpstatic.com/mcjs-connected/js/users/b7cd865e88cc0f8c9c81fc2f7/	50 B 511 B	53ms 14ms	Script application/javascript	104.117.198.163
General Check archive.org Show headers Download Go to Full URL https://chimpstatic.com/mcjs-connected/js/users/b7cd865e88cc0f8c9c81fc2f7/7e4a0112ddb2063022c76b3a4.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.117.198.163 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 14 Jan 2022 06:05:27 GMT Last-Modified Mon, 28 Jan 2019 18:29:24 GMT Server AmazonS3 x-amz-request-id FGKJ0JPVRZMZPMQ7 ETag "104d46a3208b40e8ded389332f5a78a3" Content-Type application/javascript Cache-Control max-age=1656 Connection keep-alive Accept-Ranges bytes Content-Length 50 x-amz-id-2 l4TkFGB9zkMw/muYZu7Fms4uB+CAqLiRIwDN0gH9UKYQ9BtGaQ4RgTh2q0G6QOd1+I641stE/Xs= Expires Fri, 14 Jan 2022 06:33:03 GMT
GET H/1.1	200 OK	matomo.js matomo.macobserver.com/	23 KB 0	405ms 101ms	Script application/x-javascript	108.62.116.113
General Check archive.org Show headers Download Go to Full URL https://matomo.macobserver.com/matomo.js Requested by Host: www.macobserver.com URL: https://www.macobserver.com/news/transcredit-leaks-800000/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.62.116.113 -, , ASN (), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / TMO-Modified W3TC/0.13.2 Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 14 Jan 2022 06:05:27 GMT Content-Encoding gzip X-Powered-By TMO-Modified W3TC/0.13.2 Connection Keep-Alive Content-Length 20767 Pragma public Referrer-Policy Last-Modified Tue, 28 Dec 2021 15:53:08 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "f93c-5d436d1543e07-gzip" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=604800, public Accept-Ranges bytes Keep-Alive timeout=5, max=100 Expires Fri, 21 Jan 2022 06:05:27 GMT
GET H2	200	jquery.blockUI.min.js Show response www.macobserver.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/	9 KB 3 KB	29ms 26ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?screx=1&sxcb=1a&ver=2.7.0-wc.6.0.0 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 01a53461c18a697fe3ea054147d328b17cb499414ce62801f16d82fb63becf46 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;bfea520affaa5dec4e8c01897d7ad4a4;2-317836-5;dbae79c0-caca-4501-44ea-6441c127bf9f x-middleton-display staticcontent_sol x-middleton-response 200 content-length 3317 response 200 last-modified Fri, 14 Jan 2022 03:57:23 GMT server nginx etag "253d-5d436e505f96c-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.20% 9718 / 9737
GET H2	200	setuid pb-server.ezoic.com/ Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YeESpuqnxLFs-6tRrxh1vQAA%261198	86 B 451 B	7ms 7ms	Image image/png	18.196.33.99
General Check archive.org Show headers Download Go to Show image Full URL https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YeESpuqnxLFs-6tRrxh1vQAA%261198 Protocol H2 Server 18.196.33.99 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:27 GMT cache-control no-cache, no-store, must-revalidate content-type image/png content-length 86 vary Origin expires 0 Redirect headers Pragma no-cache Date Fri, 14 Jan 2022 06:05:27 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YeESpuqnxLFs-6tRrxh1vQAA%261198 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 304 Expires Fri, 14 Jan 2022 06:05:27 GMT
GET H2	200	js.cookie.min.js Show response www.macobserver.com/wp-content/plugins/woocommerce/assets/js/js-cookie/	2 KB 1 KB	27ms 25ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?screx=1&sxcb=1a&ver=2.1.4-wc.6.0.0 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash cb57464a659c32a8187b239530348007601866a26ced4ea922286bfb368a1f1c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;d38d55216c6e3df7eac076d7813388d1;2-317836-5;40e0fa25-fa84-4aea-757a-816589dc8255 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 913 response 200 last-modified Fri, 14 Jan 2022 03:57:21 GMT server nginx etag "72a-5d436e505d25c-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.38% 1844 / 1851
GET H2	200	woocommerce.min.js www.macobserver.com/wp-content/plugins/woocommerce/assets/js/frontend/	2 KB 904 B	26ms 25ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?screx=1&sxcb=1a&ver=6.0.0 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;21cbf896b8d4ccf55cdcf594f5ada7dc;2-317836-5;546230c3-b800-455e-44b8-cd574285781c x-middleton-display staticcontent_sol x-middleton-response 200 content-length 735 response 200 last-modified Thu, 13 Jan 2022 09:11:17 GMT server nginx etag "85b-5d436e505e5e4-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.13% 2260 / 2263
GET H2	200	army.gif www.macobserver.com/porpoiseant/	0 42 B	12ms 8ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTc4NTc2NDQwODI3OTAiLCJkb21haW5faWQiOiIzMTc4MzYiLCJ1bml0IjoiZGl2LWdwdC1hZC1tYWNvYnNlcnZlcl9jb20tYm94LTItMF8xIiwidF9lcG9jaCI6MTY0MjE0MDMyMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzAyZDllZGMtZTk2MC00M2FmLTU5NDUtMjdlZmQwZTI3ZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk3ODU3NjQ0MDgyNzkwIiwiZG9tYWluX2lkIjoiMzE3ODM2IiwidW5pdCI6ImRpdi1ncHQtYWQtbWFjb2JzZXJ2ZXJfY29tLWJveC0yLTBfMSIsInRfZXBvY2giOjE2NDIxNDAzMjEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMwMmQ5ZWRjLWU5NjAtNDNhZi01OTQ1LTI3ZWZkMGUyN2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjMifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:25 GMT
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 8822	14 KB 5 KB	73ms 29ms	Document text/html	2.18.233.180
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,oftmedia,onetag,pubmatic,pulsepoint,rubicon,sovrn,spotx,undertone,unruly,yieldmo&cb=195-0-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=59461 expires Fri, 14 Jan 2022 22:36:28 GMT date Fri, 14 Jan 2022 06:05:27 GMT vary Accept-Encoding
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 8A4F	42 B 64 B	56ms 41ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhMa6ZQlLgqzNgkah5dyJoLWhRcmv6Xjby-iLuYd2HSA0voHs8GlzOjf_f1u7b2PXLK2WndLT2LMmW2HtPmghAjNnMmD3sSPKWv1mIf6-r99Cos1jLaQ&sai=AMfl-YTSzvXin7MtIUzp2Q92o3f5_OnvNJMXcA3cHbMm-4afot3Nf1jikVV9mzoJCp8vzzMvMQo4n1GaE_MWbsKpo1NR0bneMajvN8o8TSAu73azrfb_LtF0-0yvy7w5&sig=Cg0ArKJSzK57CbMut1OBEAE&cid=CAASEuRo7_kgnIEjyV5ZAtR0CXKO-g&id=lidar2&mcvt=1000&p=300,650,554,950&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3431401826&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642140325054&rpt=497&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://23b28ba5185adee2438f9824cc4a48a6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 14 Jan 2022 06:05:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	wpdiscuz-combo.min.js www.macobserver.com/wp-content/plugins/wpdiscuz/assets/js/	316 KB 65 KB	128ms 128ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?screx=1&sxcb=1a&ver=7.3.9 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br etag "4d792-5d203a31cac6f-gzip-gzip" response 200 last-modified Fri, 14 Jan 2022 02:58:21 GMT server nginx display staticcontent_sol x-origin-cache-control x-ezoic-cdn Hit ds;mm;9cd51be43495b6e0c8b249ac4f6835e3;2-317836-5;9a01f748-03a9-4e42-512b-db5ab72ddf63 content-type application/javascript x-middleton-display staticcontent_sol cache-control public, max-age=31536000 x-ez-minify-js 0.11% 323092 / 323458 x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,User-Agent,Origin
GET H3	200	integrator.js adservice.google.de/adsid/	107 B 122 B	25ms 24ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js adservice.google.com/adsid/	107 B 122 B	24ms 24ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.macobserver.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 14 Jan 2022 06:05:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET		ads securepubads.g.doubleclick.net/gampad/	0 0
GET		ads securepubads.g.doubleclick.net/gampad/	0 0
GET		ads securepubads.g.doubleclick.net/gampad/	0 0
GET		ads securepubads.g.doubleclick.net/gampad/	0 0
GET H2	200	PugMaster image6.pubmatic.com/AdServer/ Frame 8822	0 42 B	69ms 25ms	Script text/plain	185.64.190.78
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55864561&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-length 0
GET H2	200	army.gif www.macobserver.com/porpoiseant/	0 42 B	11ms 10ms	XHR text/plain	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5Nzg1NzY0NDA4Mjc5MCIsImRvbWFpbl9pZCI6IjMxNzgzNiIsInVuaXQiOiJkaXYtZ3B0LWFkLW1hY29ic2VydmVyX2NvbS1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjQyMTQwMzIxLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMDJkOWVkYy1lOTYwLTQzYWYtNTk0NS0yN2VmZDBlMjdmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 13 Jan 2022 06:05:30 GMT
GET H2	200	flag.min.js www.macobserver.com/wp-content/plugins/wpdiscuz-report-flagging/assets/js/	2 KB 752 B	21ms 17ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz-report-flagging/assets/js/flag.min.js?screx=1&sxcb=1a&ver=7.0.7 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;bca82e89ee1c6c581263db65a0fedff9;2-317836-5;93a929e3-9ba0-4859-4985-60f75d56e9b7 x-middleton-display staticcontent_sol x-middleton-response 200 content-length 582 response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx etag "618-5cbf65835d013-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.18% 1679 / 1682
GET H2	200	quill.mention.min.js www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/js/third-party/quill-mention/	12 KB 4 KB	21ms 21ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/js/third-party/quill-mention/quill.mention.min.js?screx=1&sxcb=1a&ver=1.0.0 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;c571bab8d1cca984ceb858a0ed1f73bb;2-317836-5;bdf44f67-9b65-4643-4648-daab7fda8e3a x-middleton-display staticcontent_sol x-middleton-response 200 content-length 3397 response 200 last-modified Fri, 14 Jan 2022 02:12:25 GMT server nginx etag "2e88-5d203a3848a47-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 0.00% 11912 / 11912
GET H2	200	wpdiscuz-ucm.js www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/js/	6 KB 2 KB	18ms 18ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.macobserver.com/wp-content/plugins/wpdiscuz-user-comment-mentioning/js/wpdiscuz-ucm.js?screx=1&sxcb=1a&ver=1.0.0 Requested by Host: www.macobserver.com URL: https://www.macobserver.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y34-23y53-1y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x34x53x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.macobserver.com/news/transcredit-leaks-800000/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 06:05:27 GMT content-encoding br x-origin-cache-control display staticcontent_sol x-ezoic-cdn Hit ds;mm;5b5579caac897ac8157d261eff1c87c7;2-317836-5;b9702755-9563-4fa8-61ef-3d75853200fb x-middleton-display staticcontent_sol x-middleton-response 200 content-length 1553 response 200 last-modified Fri, 14 Jan 2022 00:11:25 GMT server nginx etag "2259-5d203a384865f-gzip-gzip" vary Accept-Encoding, Accept-Encoding,User-Agent,Origin content-type application/javascript cache-control public, max-age=31536000 x-ez-minify-js 34.72% 5901 / 9039
GET		mailchimp-woocommerce-public.min.js www.macobserver.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

c.amazon-adsystem.com

URL

https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.macobserver.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4

Domain

bid.contextweb.com

URL

https://bid.contextweb.com/header/ortb?src=prebid

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=3010515873557789&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=1&rcs=3&prev_scp=a%3D%257C3%257C%26iid1%3D8961983148080399%26eid%3D8961983148080399%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dmacobserver_com-medrectangle-2-8961983148080399%26eb_br%3D947f1d5169cc7d0f997560e34838fb04%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D42%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C14%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D100%26reqt%3D1642140326673%26hb_bidder%3Drubicon%26hb_adid%3D1087abc671f851a9%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.15%26hb_rt%3Dclient&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326686&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=2077988210&ucis=5&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=1205644279247613&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=3&prev_scp=a%3D%257C3%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D180%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D200%26reqt%3D1642140326697&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326705&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=962&adys=300&adks=3431401827&ucis=4&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=2713493634752812&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=3&prev_scp=a%3D%257C1%257C%26iid1%3D1897857644082790%26eid%3D1897857644082790%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dmacobserver_com-box-2-1897857644082790%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D2%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D180%26br2%3D140%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D200%26reqt%3D1642140326709&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326721&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=300&adks=32735598&ucis=2&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2066825233645634&correlator=105949452826599&output=ldjh&impl=fifs&eid=31060889&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1254144%2Cmacobserver_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=3&prev_scp=a%3D%257C1%257C%26iid1%3D3936532464050530%26eid%3D3936532464050530%26t%3D134%26d%3D317836%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D10%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dmacobserver_com-box-1-3936532464050530%26eb_br%3Db6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D2%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C17%2C19%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%2C1428%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D26%26reqt%3D1642140326725&eri=1&cookie=ID%3D9718d19c6294c089%3AT%3D1642140322%3AS%3DALNI_Mb5ybKn_jTBLk2TYCa3ixcuZOZpiA&bc=31&abxe=1&lmt=1642140326&dt=1642140326743&dlt=1642140320810&idt=285&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1235169102&ucis=1&ifi=18&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.macobserver.com%2Fnews%2Ftranscredit-leaks-800000%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2102813519.1642140321&ga_sid=1642140322&ga_hid=365389118&ga_fc=true&fws=644&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain

www.macobserver.com

URL

https://www.macobserver.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?screx=1&sxcb=1a&ver=2.5.4