mcc.exchange Open in urlscan Pro
2606:4700:3037::6815:1b5a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Submission: On February 27 via api (February 27th 2022, 1:19:03 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3037::6815:1b5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is mcc.exchange.
TLS certificate: Issued by E1 on February 19th 2022. Valid for: 3 months.

This is the only time mcc.exchange was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2606:4700:303... 2606:4700:3037::6815:1b5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:fb:... 2a02:26f0:fb:5a1::1833	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
64	12

28 2606:4700:3037::6815:1b5a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mcc.exchange	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:5a1::1833 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images.hindustantimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mcc.exchange 1 redirects mcc.exchange	640 KB
16	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2400	102 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	222 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	10 KB
2	gstatic.com fonts.gstatic.com	44 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1536	3 KB
2	hindustantimes.com images.hindustantimes.com — Cisco Umbrella Rank: 46458	192 KB
1	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2530	650 B
1	google.ca adservice.google.ca — Cisco Umbrella Rank: 12901	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	646 B
64	10

	Domain	Requested by
28	mcc.exchange	1 redirects mcc.exchange
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	mcc.exchange pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	mcc.exchange
2	www.paypalobjects.com	mcc.exchange
2	images.hindustantimes.com	mcc.exchange
1	www.google.com	tpc.googlesyndication.com
1	www.paypal.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
64	13

This site contains links to these domains. Also see Links.

Domain
www.bing.com
r.kraken.com
www.coinspot.com.au

Subject Issuer	Validity	Valid
*.mcc.exchange E1	`2022-02-19` - `2022-05-20`	3 months	crt.sh
www.hindustantimes.com DigiCert ECC Secure Server CA	`2022-02-17` - `2023-02-17`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Frame ID: A43B958782E98DCE82B828D11EF0AC93
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: 9994403CD473D374BCED6E0FEB52451A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5186237273987351&output=html&adk=1812271804&adf=3025194257&lmt=1645924738&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmcc.exchange%2F2022%2F02%2F26%2Fcoinbase-needs-more-than-a-bitcoin-giveaway%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645924738033&bpp=2&bdt=828&idt=121&shv=r20220223&mjsv=m202202230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5973058194832&frm=20&pv=2&ga_vid=721290620.1645924738&ga_sid=1645924738&ga_hid=439192782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064037%2C31065251%2C31065346%2C31060566%2C44758226%2C31064019&oid=2&pvsid=3561971353307162&pem=148&tmod=588933508&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Frame ID: 9F4C428A1A3401F058F7EE706F4C935D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 603064C866C78D43004029B9DA25223C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D07771EA588ABE6465372338B41C4442
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coinbase needs more than a Bitcoin giveaway | MCC.EXCHANGE

Page URL History Show full URLs

https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway HTTP 301
https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

77 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

1213 kB
Transfer

2289 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bing.com/news/apiclick.aspx?ref=FexRss&aid=&tid=A79361985C444122B069F79D33171F7C&url=https%3a%2f%2ftech.hindustantimes.com%2ftech%2fnews%2fcoinbase-needs-more-than-a-bitcoin-giveaway-71645764715273.html&c=12967125249075138202&mkt=en-us
Title: Source

Search URL Search Domain Scan URL

URL: https://r.kraken.com/c/2329831/696525/10583
Title: <img loading="lazy" src="https://mcc.exchange/wp-content/uploads/2021/09/Kraken-Logo.png" alt="Karaken" class="wp-image-215110" width="113" height="113"/>

Search URL Search Domain Scan URL

URL: https://www.coinspot.com.au/?affiliate=KE56R
Title: <img loading="lazy" src="https://mcc.exchange/wp-content/uploads/2021/09/Coinspot-Logo-225X225.jpg" alt="CoinSpot" class="wp-image-215120" width="113" height="113"/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway HTTP 301
https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.paypal.com/en_AU/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_AU/i/scr/pixel.gif

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Redirect Chain

https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway
https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/

149 KB
27 KB

319ms
319ms

Document
text/html

2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b11b5db4aeadd7805dea3091563ae8ac2f3cc0ebb3c9f6ed038b6da25902c0a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-type: text/html; charset=UTF-8
link: <https://mcc.exchange/wp-json/>; rel="https://api.w.org/", <https://mcc.exchange/wp-json/wp/v2/posts/269383>; rel="alternate"; type="application/json", <https://mcc.exchange/?p=269383>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cC%2F3VudFLBVm6C1cmtC0YsjBs2dslOYCYzdsNkPB57Ww1QVHKPl0XVC4NA7fFZrUqS7ShY%2BJ4hcxPM4QKIKKVAbTljBZhXt9jLErWGdItLRnsA1p7l6SVZkBmjeI7JMJWzpW2aSzjt%2B%2F8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e3d950589bd695b-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 27 Feb 2022 01:18:56 GMT
content-type: text/html; charset=UTF-8
location: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
x-redirect-by: WordPress
vary: User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHDiw4%2BW%2FwaJA8y%2FaDz7LhxB1XKB%2FTxOgzP%2F8traFqiswB6vvFUXJDGrSbXJkKhXf2JZwx5khR8OBSSPqFvuPQ9yIHAxPu8664IdeqME0N86E0NAPfcqhv1jT644ZKy8c5zVX91veqO50QU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e3d9502ceaf695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.min.css
mcc.exchange/wp-includes/css/dist/block-library/ 81 KB
12 KB 374ms
374ms Stylesheet
text/css 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-includes/css/dist/block-library/style.min.css?ver=5.9.1
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Feb 2022 18:35:50 GMT
server: cloudflare
etag: W/"145a9-5d89f9e4f799f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udbOdWfWlA4I%2FdhSHMqQBINDXofvlaPD%2B4Exg6bPVrWycZotKlUY6KN6UrlAzf5s489PO7Z4kmpdNXOxiIDmpxtDUx8HgU01ETTVaZKtxcqge24JBEMIV4Hea5GSYFohJXAaM0tsLqaCSiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d9507a96b90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.lazyloadxt.spinner.css
mcc.exchange/wp-content/plugins/a3-lazy-load/assets/css/ 311 B
735 B 302ms
302ms Stylesheet
text/css 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=5.9.1
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Feb 2022 03:12:13 GMT
server: cloudflare
etag: W/"137-5d82e21f69fb1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YOC%2FICku%2FIwDm7qoVUdy%2B1co3rAV6NrN3O7%2FadSAQ5BK%2BYLP8mvCckc3Bsy885LGrKH82IEfjly0qNzG53NM6kn1oQSzVJiFcYUtfqRDhkyHv6zbOg2IZYnWvV0rnfXmig%2FBGDnayHToi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950819d290ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 a3_lazy_load.min.css
mcc.exchange/wp-content/uploads/sass/ 127 B
640 B 312ms
312ms Stylesheet
text/css 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1645067688
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Feb 2022 03:14:48 GMT
server: cloudflare
etag: W/"7f-5d82e2b2ef98c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeGEyi9FrZnzfgW0OUOv7gigyhs%2Fv7YMGyhUF5eXPLP06TfyOpRCXSnKp08PMxRCb1FC4v6rDbbTY5EKv%2FsLS1vzeFcY2cImj8RgHnpQxyTqqYx5C8GYUmUW5%2BP%2Ba8CPicNo243HgkwPNXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950819d490ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 et-divi-customizer-global.min.css
mcc.exchange/wp-content/et-cache/global/ 4 KB
1 KB 310ms
310ms Stylesheet
text/css 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1645748382
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c7ae1802a74557c1dd1356ee57a4a8b1cc9398ed1949249a2df2d051baaf93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Feb 2022 00:19:42 GMT
server: cloudflare
etag: W/"1058-5d8cca7b32621-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cSopGD%2FAWJrEPV4diba03UqZqRldff0U9Ve%2Bi2QUSQYRqxCn5nnbWtGDYowDD3WFwAFonsOlGGvvqvibP59DOYgagLFc%2F0dcsmD3%2B%2BnUfaDnIqMMQ5aJhqQvGnWD2t8pgL8vz6rfjjNKgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950819d590ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 invisible.js Show response
mcc.exchange/cdn-cgi/challenge-platform/h/g/scripts/ 44 KB
16 KB 30ms
30ms Script
text/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad176763c363ca77472cd3887c89daa29ccc6a00b5c9421c0a9b14fe26507af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjN3N6Skx3BEcE2OzhahCx5VhPrmt9BFKahWKKlLMlzXU0lzjszjEdlpI5mmh8b0x%2BJDBW2Ng7VkSy1PXeIxj48w3HLvXO0WpR8QRxfJZ2%2Bx9DxCMxFxyNnbmfJHgfg3Xa8Wca5opzcFE2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6e3d950819db90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 MCC-Transparent.png
mcc.exchange/wp-content/uploads/2022/02/ 141 KB
142 KB 485ms
484ms Image
image/png 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/uploads/2022/02/MCC-Transparent.png
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863564ec7eae8ddc8ae70903df03dd09ba8705eb64a408b72127857e30853982

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
cf-cache-status: MISS
last-modified: Sun, 13 Feb 2022 13:46:41 GMT
server: cloudflare
etag: "233d5-5d7e687a615f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b84TXGIJKLUvj%2BDlekTvXnzRfbiz%2FiaGhAWcUyShtoXF6d6%2BWTvABTeVYZfjPaqIIeJ1J%2Fwuvz%2B3u2RCGBcn9WaZ5iqNsNRT8YmxKRO%2B1wp%2Bo2NqC2g%2FLg6Tca0aVEiigDzeQpcnI1iy3eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e3d950819dd90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144341

GET
H2 200 FINTECH-CRYPTO-COINBASE-GLOBAL-1_1645806366539_1645806380514.JPG
images.hindustantimes.com/tech/img/2022/02/25/1600x900/ 96 KB
96 KB 90ms
20ms Image
image/jpeg 2a02:26f0:fb:5a1::1833
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.hindustantimes.com/tech/img/2022/02/25/1600x900/FINTECH-CRYPTO-COINBASE-GLOBAL-1_1645806366539_1645806380514.JPG
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:fb:5a1::1833 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 07847e87c13587a37e8b597c6740f0f4c9cbb40c9fab7da73a6b3ecb4cb31983

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
last-modified: Fri, 25 Feb 2022 18:20:46 GMT
server: Akamai Image Manager
etag: "687d732a86347c0e6ee92ac04b270d6b"
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2480433
content-length: 97799
expires: Sun, 27 Mar 2022 18:19:30 GMT

GET
H3 200 lazy_placeholder.gif
mcc.exchange/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
592 B 314ms
313ms Image
image/gif 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Feb 2022 03:12:13 GMT
server: cloudflare
etag: "2a-5d82e21f6e9e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SieMZaIi9M3TvecA5BWKO3%2BYzKwOyu3oNCQrKChBasO4weL6XWR%2BXxjHFilVg01keRwM%2FZUfjapTT2YGTvp0O3mEVvH1QNSZgwG%2FOWBL7%2F3gcES2XJLh1dO5iGF7Ce9FZmoe2SPr5GXGd5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e3d950819df90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 btn_donateCC_LG.gif
www.paypalobjects.com/en_AU/i/btn/ 2 KB
2 KB 119ms
16ms Image
image/gif 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_AU/i/btn/btn_donateCC_LG.gif

Requested by

Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c8c5d0f0dc55cf4a180bab12c0b321ff6c3bff175eb34d62220e368dc318e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=1934 idim=99x47 ifmt=gif ofsz=1933 odim=99x47 ofmt=gif
paypal-debug-id: 2c05f2ee9b949
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 1933
x-served-by: cache-sjc10046-SJC, cache-hhn4029-HHN
x-timer: S1645924737.401212,VS0,VE1
etag: "xgoOW0UIsKisnTWUEbnGACJtjaAQeScOgL8JMJf1ZM8"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H3 200 rocket-loader.min.js Show response
mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 19ms
18ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 21:08:07 GMT
server: cloudflare
etag: W/"6216a237-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EfcV0ghyMaI3tP%2FcHp69gU5lJaxmVODkVvBvU0nSjfffCMdr6ai30VokJWOLqW8YuxWPhI6DwHf%2FRwsLkToU%2BxxEGjOxz035bpt0%2BApnvffEOFA5%2FZ%2BJr3gBLva%2BMedlVVvMqzUNd0WEcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950819e090ee-FRA
vary: Accept-Encoding
expires: Tue, 01 Mar 2022 01:18:57 GMT

GET
H3 200 common.js Show response
mcc.exchange/wp-content/themes/Divi/core/admin/js/ 1 KB
1 KB 283ms
283ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.7
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Feb 2022 08:00:12 GMT
server: cloudflare
etag: W/"53f-5d7f5ce5657ab-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7nZOQbpcr%2BEExT8SjefPHX3%2Fwflj1mLgwKDwrxMrnRihmdJIDW19LdclUvaAOjs20P2UQetIKrPquZmj4WMJgvRustKe1JzXeoF46KwOV1%2FyjYYaxeUuswnEMGwCpEFtDiGt0YyJI1Ga%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b6e90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.lazyloadxt.extend.js Show response
mcc.exchange/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
923 B 290ms
290ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.4.9
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 17 Feb 2022 03:12:13 GMT
server: cloudflare
etag: W/"415-5d82e21f70159-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNtdxbPod4pVAms4POowfPYOZjS7d3A0z18gDmjX6sRcFQOYNv4Fw9jLw%2Fy3IDsYeQBcSTqFGIk%2FqwAr8GRnwPshKHxPp58KK7%2Butcq%2FZQ4B2xAPfaok2aOR%2Fv2APZCWK1xvnl8AOqRCIwM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b6f90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.lazyloadxt.srcset.min.js Show response
mcc.exchange/wp-content/plugins/a3-lazy-load/assets/js/ 2 KB
1 KB 326ms
326ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.4.9
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Feb 2022 03:12:13 GMT
server: cloudflare
etag: W/"625-5d82e21f70d11-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNoYTi5Y%2FyFFaSHxlMjXT5l98Ys6s7l7pEFiE9Bc5t0HScKcaU%2FZ2NDS7xn4B7yF9SJ%2B6r3c1xzpTj7fTOfQnp3CXoqs6kZE5gT9EHdWK3AUaS0N9lJw8Z1IDu0FlXnvEVW%2FnWOgowgLgb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b7090ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.lazyloadxt.extra.min.js Show response
mcc.exchange/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 306ms
305ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.4.9
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Feb 2022 03:12:13 GMT
server: cloudflare
etag: W/"bc7-5d82e21f70541-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1W%2F4S0us66v0OSXkVx8pklLZLF2gfvapASOzrni7PUTdVmJaL6Ro%2BTf%2F56jCPQ1nZ0Kn25UnHPtG6tygtew%2BQxaIdIMd4nV2AZ0QfyzbBxzBwly%2F7SyRwS0yDzHOG9xG2yFwAPEIkDOWKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b7390ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fitvids.js Show response
mcc.exchange/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
2 KB 415ms
414ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.7
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Feb 2022 08:00:13 GMT
server: cloudflare
etag: W/"d15-5d7f5ce62bf73-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UE%2BODNwYdcI%2BEsdgyCJ%2FdTC0jLIBojxetPfcKN%2BG6EWunfG3Msq%2Bg4X7dIAQK9yP%2BbjFN9luM8KUV1OOQS4t1PiE8SMvV1B9KhdOZad1ugPS3WVXyERDGAITrKjTA6CqLsZl7qMObdEEJLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b7490ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.min.js Show response
mcc.exchange/wp-content/themes/Divi/js/ 266 KB
60 KB 593ms
592ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.7
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f960e88ce4fb72928d7261f8ae177be9149a78c585b4be72e6f29799b19ec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Feb 2022 08:00:14 GMT
server: cloudflare
etag: W/"429e9-5d7f5ce72347b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDjIy2rVK9w279489xVOwPnOTDpR0X%2Fd7zwoIAQAlptEP%2FGxKtW80syyLsb2YqCoJtJ1XhYgb8VSqX4%2B38cwb%2BRntwaCEVe5SdzIpRWMKYySOz6%2F3T0rC0i4PITNJPVSW%2BXcyswjEyCCh8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b7a90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
mcc.exchange/wp-includes/js/jquery/ 11 KB
5 KB 334ms
333ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Jan 2021 15:48:51 GMT
server: cloudflare
etag: W/"2bd8-5b92ea88cfec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z6i0%2BK%2B%2BmYR4z5b%2BGYdOnc368dKCsJ7V6lM7aBt%2FMIsr%2BBlmcHBkI8yALsnvMLgozerMJdR4U5uxUCulDOXabg5nsWhxVICnFyll0G%2FXYxwGQ%2FO4tGWzsCFMmeOYIWP5kM1UJdTfC7skIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b7b90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
mcc.exchange/wp-includes/js/jquery/ 87 KB
32 KB 404ms
403ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 21 Jul 2021 08:50:11 GMT
server: cloudflare
etag: W/"15db1-5c79e421536c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrJoKvguvgpZF0yQ%2BHuZCMocO1RNIWZxRzSXTdkt2VVsFFDU51N8wSGwwTA2esUh5R3gNwuht%2FZUAffFWi6z%2B1H2NE%2FaMwMY7htxbm39ZAXy1Pb0bPUiLgGq%2F%2FpS7Wfy3cAKvjakdPcwhJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b7d90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
mcc.exchange/wp-includes/js/ 3 KB
2 KB 300ms
300ms Script
application/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-includes/js/comment-reply.min.js?ver=5.9.1
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 06:36:00 GMT
server: cloudflare
etag: W/"ba3-5d6766a3df8e9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IP3rKX0UCZzZDPG4Aws%2FsbCbuevoLceAxg5iFcW%2BG1mDX1ItnTSrQK61HoIKn3nB7Qn2rMXoB9C%2BZBDLgjlugcutaViakdBTL44Z4ZUTyJjteBYxK20XVgir%2FjIdW%2BkOkewCJ1G8OAqUQeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a1b7e90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 79ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5186237273987351

Requested by

Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7790e74e8c62fd24bd4c9f9d159139273cf5dbe28ca1134c286489f11b62fa2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Origin: https://mcc.exchange
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53885
x-xss-protection: 0
server: cafe
etag: 6811886453546111940
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 27 Feb 2022 01:18:57 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 22 KB
22 KB 59ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

Requested by

Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6849c2f6dd45325e6d5761c53db3dd6ecf99158e9cf1eb3b4e35f7e4025cb5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Origin: https://mcc.exchange
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 03:00:35 GMT
x-content-type-options: nosniff
age: 339502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22096
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 03:00:35 GMT

GET
H3 200 loading.gif
mcc.exchange/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 401ms
401ms Image
image/gif 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=5.9.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=5.9.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Feb 2022 03:12:13 GMT
server: cloudflare
etag: "69a-5d82e21f69fb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpp%2FFMvdCm%2FyR4fbVbRBxaTWCQbQQpnxN2zJwPYWsTvpH7qi4yX2URLyR6dF61Nd002RbtDRkNqWS%2FSgtNHfeGr8%2FICgqnHE1qotDvnkOPfMm%2BKkMh28MXj6T1VQCMCdIqZFxlgOC8%2BLric%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e3d950a1b8190ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1690

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 22 KB
22 KB 68ms
30ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

Requested by

Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7996a13ba28f47d09f223e3ab1971511b8390b708862b5f05be497d644845538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Origin: https://mcc.exchange
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 02:58:32 GMT
x-content-type-options: nosniff
age: 339625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22096
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 02:58:32 GMT

GET
H3 200 modules.ttf
mcc.exchange/wp-content/themes/Divi/core/admin/fonts/modules/base/ 6 KB
7 KB 319ms
319ms Font
application/x-font-ttf 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.ttf
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c51f9fb51890524ad066fb1b4b69d7dc2bd923e182eb4df6d880ea593d2ce4e

Request headers

Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Origin: https://mcc.exchange
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Feb 2022 08:00:12 GMT
server: cloudflare
etag: W/"1854-5d7f5ce5580d3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxYMfjhtPDa73ph7s%2Ba9bJJDQbSGiRPCEtPNhppI8CFj0HezaIoXYKFMIB%2F%2Bn8%2B5p4mxXB5GAKb60hKiRYNebL2VPoPb7JR%2BrjYmJM0Wm3i4T7eXo53HElBoW4ekVIWpaIxBR2LEew25XRE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3d950a2b8590ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
mcc.exchange/cdn-cgi/challenge-platform/h/g/scripts/ 19 KB
7 KB 28ms
28ms Other
text/javascript 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e1433ca4c2978f18594eaf7d4338f1bccaf088b4f3c51f14b64071ab5923b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DiZiibVUAWJxqYsTAShkO0xFVbycvkcOVRKZmgvMAiBnnq78kzqaa%2FBHZKSD5emKkzJLYy3M%2BMokkSVKYo8wG0%2FgNKvlKvm%2FsTzkQp69CSCF2WNj84pHqGY5sPR239eUOUFhODzu0E75ko%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6e3d950a3ba890ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 6e3d950589bd695b Show response
mcc.exchange/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
689 B 39ms
39ms XHR
text/plain 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcc.exchange/cdn-cgi/challenge-platform/h/g/cv/result/6e3d950589bd695b
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Feb 2022 01:18:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e3d950bbcdb90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8H5JJAL2Z55Mg32fO0g8UmAZHdBwj6xBi4gxbu6sLoiwpv0tLLeBQfCCCl11jfqLhIkyVN3Z3NWl168AxHqkaSQX%2FaYll0Vfv7P7T7lE3IFziOtYeK%2Beg6iU4MJFv9ClVcalsDfGrUEp3k%3D"}],"group":"cf-nel","max_age":604800}

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/ 291 KB
105 KB 70ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5186237273987351

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b796eae5f9e99e26029677605d2bd85b20b10128540c02c42634f24f67c8fe93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107190
x-xss-protection: 0
server: cafe
etag: 1627588237054556879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Feb 2022 01:18:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame 9994 10 KB
5 KB 58ms
16ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5186237273987351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 26 Feb 2022 04:58:03 GMT
expires: Sat, 12 Mar 2022 04:58:03 GMT
cache-control: public, max-age=1209600
age: 73255
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
646 B 66ms
23ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mcc.exchange&callback=_gfp_s_&client=ca-pub-5186237273987351

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e4e5e103a4446c8becd87e38e7306133c1ac5069c7c2a11bdb236e596a11ef99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 69ms
26ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=mcc.exchange

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 67ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mcc.exchange

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F4C 21 KB
5 KB 258ms
233ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5186237273987351&output=html&adk=1812271804&adf=3025194257&lmt=1645924738&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmcc.exchange%2F2022%2F02%2F26%2Fcoinbase-needs-more-than-a-bitcoin-giveaway%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645924738033&bpp=2&bdt=828&idt=121&shv=r20220223&mjsv=m202202230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5973058194832&frm=20&pv=2&ga_vid=721290620.1645924738&ga_sid=1645924738&ga_hid=439192782&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064037%2C31065251%2C31065346%2C31060566%2C44758226%2C31064019&oid=2&pvsid=3561971353307162&pem=148&tmod=588933508&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e39344a0037a6d97ab4d2d56b7e3d2647ea833453f5a846a53daec49f08bdfb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 27 Feb 2022 01:18:58 GMT
server: cafe
content-length: 5068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Feb 2022 01:18:58 GMT
cache-control: private

GET
H3 200 MCC-Transparent.png
mcc.exchange/wp-content/uploads/2022/02/ 141 KB
142 KB 22ms
22ms Image
image/png 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/uploads/2022/02/MCC-Transparent.png
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863564ec7eae8ddc8ae70903df03dd09ba8705eb64a408b72127857e30853982

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144341
last-modified: Sun, 13 Feb 2022 13:46:41 GMT
server: cloudflare
etag: "233d5-5d7e687a615f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKps5g5qc%2FgLqwEDy1AUeWMLwV9GF%2FL2Y4Y305m6j%2BDHL3aYDs6kUfq9Dfq7Rd9Kh1SqSw3BL45WBWHZ3yp%2B8U1fhhqwa88d2vGldlawNee%2BQ9G5ASbCc6BMcOrbhRoHKMPIsKxREoSD1OA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 6e3d950e0ed290ee-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 57ms
33ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220223&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d74b97b7b3a543e1629d9ebdef5afe06853812cefcfdf40e325d93c1383d5235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9738
x-xss-protection: 0

GET
H2 200 FINTECH-CRYPTO-COINBASE-GLOBAL-1_1645806366539_1645806380514.JPG
images.hindustantimes.com/tech/img/2022/02/25/1600x900/ 96 KB
96 KB 19ms
19ms Image
image/jpeg 2a02:26f0:fb:5a1::1833
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.hindustantimes.com/tech/img/2022/02/25/1600x900/FINTECH-CRYPTO-COINBASE-GLOBAL-1_1645806366539_1645806380514.JPG
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.4.9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:fb:5a1::1833 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 07847e87c13587a37e8b597c6740f0f4c9cbb40c9fab7da73a6b3ecb4cb31983

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
last-modified: Fri, 25 Feb 2022 18:20:46 GMT
server: Akamai Image Manager
etag: "687d732a86347c0e6ee92ac04b270d6b"
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2480432
content-length: 97799
expires: Sun, 27 Mar 2022 18:19:30 GMT

GET
H2

200

pixel.gif
www.paypalobjects.com/en_AU/i/scr/
Redirect Chain

https://www.paypal.com/en_AU/i/scr/pixel.gif
https://www.paypalobjects.com/en_AU/i/scr/pixel.gif

42 B
280 B

15ms
15ms

Image
image/gif

151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_AU/i/scr/pixel.gif

Protocol

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 73faa7bc8153
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10061-SJC, cache-hhn4029-HHN
x-timer: S1645924738.470535,VS0,VE0
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
x-cache-hits: 3, 2

Redirect headers

date: Sun, 27 Feb 2022 01:18:58 GMT
via: 1.1 varnish
x-timer: S1645924738.300408,VS0,VE140
x-served-by: cache-hhn4070-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
location: https://www.paypalobjects.com/en_AU/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f2600873187d0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0

GET
H3 200 bitcoin-logo-e1635347905658.png
mcc.exchange/wp-content/uploads/2021/10/ 5 KB
6 KB 116ms
116ms Image
image/png 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/uploads/2021/10/bitcoin-logo-e1635347905658.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc96a31cc31a935ced2d2adc4d0d2a59b0e8abc199e2f17c22b787f64f8533d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Oct 2021 15:18:25 GMT
server: cloudflare
etag: "1552-5cf571afc5f4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4KAw6kEOKlV9iIyQCqHEOWsDRYQWJvBeEAZr5ADF%2Fs8w4P6fDTGnt9qXyaJy3r5GV12Dpg1xsdyWZuoP%2BN1Ist5BAMtYfk%2BbUXiRAnF8sKM0Uu5qhAgSZzmB%2By8bFKup4%2B4yEcYMFLa5Go%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e3d950e2ee390ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5458

GET
H3 200 Kraken-Logo.png
mcc.exchange/wp-content/uploads/2021/09/ 4 KB
4 KB 296ms
295ms Image
image/png 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/uploads/2021/09/Kraken-Logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1475743ccaecf08a941ae27aee6895750ddb489422daeae1321c5ca62a3db89c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Sep 2021 16:14:02 GMT
server: cloudflare
etag: "f3c-5cd10807f94c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce96Tm01zxVdSygjApEmG16Q3kAkv9qWz7B78awKCTn%2FRFyW8d%2FaKlWw3vT6a3weStcUQF1rwlXH8gHEz6dfdAO%2Fuo0kGzomNYfBKiYbkKPOAHBzCKQlhwwO9OEtscweq0gzC8QvHALV95c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e3d950e2ee490ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3900

GET
H3 200 Coinspot-Logo-225X225.jpg
mcc.exchange/wp-content/uploads/2021/09/ 20 KB
20 KB 374ms
374ms Image
image/jpeg 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/uploads/2021/09/Coinspot-Logo-225X225.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5f91c35fe8bb83abed5a84e06cc0e7cf674e581d315d684914f9799bec75b76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Sep 2021 16:45:20 GMT
server: cloudflare
etag: "4e27-5cd10f06bfcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31VYLTiFh5SLSnRGVWC%2F0Gkx5da38NE3ZTCExcgjBrgu2f2O8HMj8elUUdmqJjWc4iWRqr%2Bm2m%2BFLjdDD3Sp040ENTo%2BiIDFUaRUkU4zFZCBnOoV0VQyCUo52x9AlmH28Ho4dr97VHAmvV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e3d950e2ee590ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20007

GET
H3 200 MCC-Transparent.png
mcc.exchange/wp-content/uploads/2022/02/ 141 KB
142 KB 32ms
32ms Image
image/png 2606:4700:3037::6815:1b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcc.exchange/wp-content/uploads/2022/02/MCC-Transparent.png
Requested by: Host: mcc.exchange
URL: https://mcc.exchange/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863564ec7eae8ddc8ae70903df03dd09ba8705eb64a408b72127857e30853982

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/2022/02/26/coinbase-needs-more-than-a-bitcoin-giveaway/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144341
last-modified: Sun, 13 Feb 2022 13:46:41 GMT
server: cloudflare
etag: "233d5-5d7e687a615f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNxWb1p9YDUUiDPEL56Aoc3wQgvcp6Uv4SFoiJPc3VnHdjGOQlM3TPQxdO%2BlcaxBKn46KIFjZZNplHF%2FOj%2BKPvmM%2BvDcOxO0A%2BVl3Du%2Fjk0liiqk19r2az0oSs243zeDV%2BIYlOoML%2BLk0Vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 6e3d950e5f4290ee-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Feb 2022 01:18:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6030 13 KB
5 KB 42ms
16ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Feb 2022 16:09:03 GMT
expires: Sun, 26 Feb 2023 16:09:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 32995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D077 783 B
1 KB 78ms
34ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32c165e5f381a5f941c428a0c092ee47c98d029ad7111b2788f998a627934eaf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D7PdwSLZ2/8UADId7hN/Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 27 Feb 2022 01:18:58 GMT
date: Sun, 27 Feb 2022 01:18:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-D7PdwSLZ2/8UADId7hN/Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ca-pub-5186237273987351 Show response
fundingchoicesmessages.google.com/i/ 89 KB
32 KB 85ms
42ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5186237273987351?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202230101/show_ads_impl_fy2019.js?bust=31065346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf3b4fee23c429229c7dff18f79aeb3f843c26d312ddee8ea8ec22e71ec369c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uF/PSRWF2VyMDW+Ctq8ESg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-uF/PSRWF2VyMDW+Ctq8ESg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-uF/PSRWF2VyMDW+Ctq8ESg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-uF/PSRWF2VyMDW+Ctq8ESg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
date: Sun, 27 Feb 2022 01:18:58 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-5186237273987351&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220222_093520&sat=1645880062392&afm=2%2C0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=27&fd=(0%2C8%2C0)%2C(1%2C1%2C0)%2C(2%2C0%2C0)&pgh=2877&su=mcc.exchange&pvc=3561971353307162&r=0.1&eid=42531398%2C44750774%2C31064037%2C31065251%2C31065346%2C31060566%2C44758226%2C31064019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Feb 2022 01:18:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 -4sYiv7uFugH1PgVeRb0F7gL3N27obdizTixLSM-gPg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6030 35 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-4sYiv7uFugH1PgVeRb0F7gL3N27obdizTixLSM-gPg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8b188afeee16e807d4f8157916f417b80bdcddbba1b762cd38b12d233e80f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:24:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:24:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D077 0
0 68ms
68ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220223&jk=3561971353307162&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6030 0
9 B 16ms
16ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3DWzYA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 AGSKWxWPtsDq4_x8SEm58ABw0Ru1pnbTyxlHywwav9VpdT0y6WGWi0vaI7FQTlbVtdVgp_nXnCKpF0wW6AAbBB9NDeA= Show response
fundingchoicesmessages.google.com/el/ 0
25 B 55ms
30ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPtsDq4_x8SEm58ABw0Ru1pnbTyxlHywwav9VpdT0y6WGWi0vaI7FQTlbVtdVgp_nXnCKpF0wW6AAbBB9NDeA=?pvid=880CADE4-3052-4996-9739-141E8A7C47C9&anonid=D4607AC2-1500-4C19-96F0-9B89CD495AF0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.oCH7OEp009U.es5.O/d=1/rs=AJlcJMx1TQHWGiZLCmw9gE8DlzJe1V9wOQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aYlmAM4nYp8X/BtHu63Y4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aYlmAM4nYp8X/BtHu63Y4g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:18:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aYlmAM4nYp8X/BtHu63Y4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aYlmAM4nYp8X/BtHu63Y4g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVIvlxujZJ3h-Br6JNCxa8sgdqTlh4c8il8m8sxeYBc3OWIAF5OHROi5fi2wiQk5SruwBNl-PIGk5R54KPbcKc= Show response
fundingchoicesmessages.google.com/f/ 62 KB
23 KB 91ms
65ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVIvlxujZJ3h-Br6JNCxa8sgdqTlh4c8il8m8sxeYBc3OWIAF5OHROi5fi2wiQk5SruwBNl-PIGk5R54KPbcKc=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ1OTI0NzM4LDU5OTAwMDAwMF0sIjg4MENBREU0LTMwNTItNDk5Ni05NzM5LTE0MUU4QTdDNDdDOSIsIkQ0NjA3QUMyLTE1MDAtNEMxOS05NkYwLTlCODlDRDQ5NUFGMCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL21jYy5leGNoYW5nZS8yMDIyLzAyLzI2L2NvaW5iYXNlLW5lZWRzLW1vcmUtdGhhbi1hLWJpdGNvaW4tZ2l2ZWF3YXkvIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1d3b876ea89f9ed5ee4f4bdef3ac9e39319773f025a951161d9230cace90a09

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-72G/uPshVTNbSWFNugI5Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-72G/uPshVTNbSWFNugI5Fw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Feb 2022 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-72G/uPshVTNbSWFNugI5Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-72G/uPshVTNbSWFNugI5Fw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220223&jk=3561971353307162&bg=!8_Cl8LTNAAas2QJZrNk7ACkAdvg8WjA-2g4HLn3p6Z5UkLP_aBFCXMbLavDQlr31WSbarYFiqLOnmQIAAABxUgAAAAJoAQcKAKqq-ItPHnKrUpf2QFekMUWfgTOINaciF59vxyjeuQ8ZTpCA5LnJlRKv5acEPq1o8-xjYa-HwULlel8JKx9Y5rq7T5QjbxIUT0jYaWz6vT2ixLgiKuW7AqYX83XTe8UoTypKJkSr62lfxZFSk7CFUEQFKh9AaLMdL0EOXx8Y3mJGmCUGToH2tLtQfjrh3ChvMK8isj1A4Qi-bTpHOR4aeI5SoZg2RXd-NresrJkCtB8qB55jdtNG5qYegpyPMNcTByxx-ZMqd2BWGU8xw1o2wuhol7lloqPvLxOqtKeNFBAZfDhP1DcA1vmuk7z4Bmp_U3KzhOLPfOQTt959hwgAkF1j2cyZoiG9tCZVcG9riwWZuVxOARgWTi8gG2XJ_Ud8pi4O1vjD_Mnr2nsSRJdm9E68mHqU7NqIDsERwIY3BvtsmbVwAhRQwUMNjb_kuIeKAWJTGx6HuzeCU8WY_EAoDa292Sjy6KBzwpcsWjjB1N-COhQ5VDbEOuasU_EPyTaGNrj7ZJGm742o2Kzi_Rk3k90GUap3OI21ZPeAAPS1hN1E3wxkAUjfBOcz_uz7-mEmXEEp565elQ5jHlzzGZHkYugZhszz2u9Oe7TcQBj3IXN8tS1N9DJn_svLRdMpHgM6I_rpfah6wzfZ2KhxnukR2f6S47jB_kZRNb4bCeI4ikMjulIWxeJ23k6aKiy3tK3DruZCYm3phWfZXrPc6iMPEbu5FGzU9j6kE4gfs04T9-da2G1wpuDjRzsNB7yYIIF9t-u-Pw6DHx9nk33R9g1b_ZY8Lm9ObfaSmWUCORo-O3l7VEAb399-cdocIeJLQm3xlPm8KzGq9ugq3V4EpeAL8MDEgUVUu4udDPc5j04S2Gk7f6lGh-sN7eUuDJmWbKIKpOVjp4jyXTf5dsFqOImmlADigG7S8BqOAckdgCqX1QwWMeoDhPDFd5SXb_4NwdSj8Edw6qiFHqRNgptd-yQwtpETzq_7bZ_EF8bS6C8xh8JZsxbNsJdulhHFgW1QgJgcRxwJ1FXppy8V0dJWhw2u4pgqeybL5duRBrMw2AiZbzSLyGwizkcZEim6TPRtrk5InRPUCatjVyl-A54bnGhqvHrCHPaAQqe31IjGDeus52WgwvXa6ClASDRfHbdbqR5r-Bqx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Feb 2022 01:18:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 video-ads-management. Show response
fundingchoicesmessages.google.com/f/AGSKWxVD3FYigjHrxDhmd1HwCy2Q57GQ3ZsNSrSWPXbq9FwLBqNY5IS4-aooZINMdI8FQECjzgHW0fNkzNE6LiIeu7JA4l642-SZLaAsxt3ZtPxp22eW8V2mUk-NfNgld4ZZ_VITWJPH_T-ToA4jMd9uLXgzHMTGR... 54 B
105 B 32ms
32ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVD3FYigjHrxDhmd1HwCy2Q57GQ3ZsNSrSWPXbq9FwLBqNY5IS4-aooZINMdI8FQECjzgHW0fNkzNE6LiIeu7JA4l642-SZLaAsxt3ZtPxp22eW8V2mUk-NfNgld4ZZ_VITWJPH_T-ToA4jMd9uLXgzHMTGRCxmggbh5NsKdeMRvLnncnTnRH5YPO91LMIt6bgbZXQT61X8mB_fWjuuQFIWYyliEVWDbtpS1dwbKeVy7nA=/_.com/adv__rightad1./ad/extra_-120x600c./video-ads-management.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.cz4YzNLI3CA.es5.O/d=1/rs=AJlcJMxL1O4iNo49HkCttkMH9ZAbEteYBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2eeab1b914711a725715cfb03c690d8f665cbe1ab42dadc5128b15f3fb054b28

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pPko2VpAdLWKABp+Q1ZcKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pPko2VpAdLWKABp+Q1ZcKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Feb 2022 01:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pPko2VpAdLWKABp+Q1ZcKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pPko2VpAdLWKABp+Q1ZcKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 81 KB
30 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.cz4YzNLI3CA.es5.O/d=1/rs=AJlcJMxL1O4iNo49HkCttkMH9ZAbEteYBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

136239aa8c0b3a34950c35d9be02c97b70934367b50f55e5325a19780d326377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 00:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30315
x-xss-protection: 0
server: cafe
etag: 679527701882516052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 27 Feb 2022 01:27:48 GMT

POST
H3 204 AGSKWxVO6iDvQKQ-peceMSvpiLBUKgcVxL_iB5wbdAey0W-s_al91Cn1AUyKMI_Re96WfZhpw25e4qwGFty_yOZslJNBmOzWGgfzPR2MAmmYGK4HO1Ny5kuPXlHTVznnk2dH7-mdEwzhcBsvkWihDQTnccxp6kKY6RqsxSMJzP7zi5-Xo_d86yoLuaYOVoLK Show response
fundingchoicesmessages.google.com/el/ 0
25 B 36ms
36ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVO6iDvQKQ-peceMSvpiLBUKgcVxL_iB5wbdAey0W-s_al91Cn1AUyKMI_Re96WfZhpw25e4qwGFty_yOZslJNBmOzWGgfzPR2MAmmYGK4HO1Ny5kuPXlHTVznnk2dH7-mdEwzhcBsvkWihDQTnccxp6kKY6RqsxSMJzP7zi5-Xo_d86yoLuaYOVoLK

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.cz4YzNLI3CA.es5.O/d=1/rs=AJlcJMxL1O4iNo49HkCttkMH9ZAbEteYBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vPgBKKXmnV6vM1bf0Y0dLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-vPgBKKXmnV6vM1bf0Y0dLA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:19:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vPgBKKXmnV6vM1bf0Y0dLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-vPgBKKXmnV6vM1bf0Y0dLA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVO6iDvQKQ-peceMSvpiLBUKgcVxL_iB5wbdAey0W-s_al91Cn1AUyKMI_Re96WfZhpw25e4qwGFty_yOZslJNBmOzWGgfzPR2MAmmYGK4HO1Ny5kuPXlHTVznnk2dH7-mdEwzhcBsvkWihDQTnccxp6kKY6RqsxSMJzP7zi5-Xo_d86yoLuaYOVoLK Show response
fundingchoicesmessages.google.com/el/ 0
26 B 41ms
41ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.cz4YzNLI3CA.es5.O/d=1/rs=AJlcJMxL1O4iNo49HkCttkMH9ZAbEteYBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-w3xk3jSHF/oB/txbHgDosQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-w3xk3jSHF/oB/txbHgDosQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:19:00 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-w3xk3jSHF/oB/txbHgDosQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-w3xk3jSHF/oB/txbHgDosQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVO6iDvQKQ-peceMSvpiLBUKgcVxL_iB5wbdAey0W-s_al91Cn1AUyKMI_Re96WfZhpw25e4qwGFty_yOZslJNBmOzWGgfzPR2MAmmYGK4HO1Ny5kuPXlHTVznnk2dH7-mdEwzhcBsvkWihDQTnccxp6kKY6RqsxSMJzP7zi5-Xo_d86yoLuaYOVoLK Show response
fundingchoicesmessages.google.com/el/ 0
26 B 61ms
61ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.cz4YzNLI3CA.es5.O/d=1/rs=AJlcJMxL1O4iNo49HkCttkMH9ZAbEteYBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/RSQDgeLnIl515n0Pi+mwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/RSQDgeLnIl515n0Pi+mwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:19:00 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-/RSQDgeLnIl515n0Pi+mwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/RSQDgeLnIl515n0Pi+mwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVDpeSyQRqdZw19wsX7L36x3dUw28BAzE0OpfXrKczhZh932AsKZp9tUbQhDVboEcgJLPbKxoCHy4qOUIuPLD8S7eU5Ruv_CEUt232t0q2VjiUeoXTo51MrWJV4ZFyjJv67VTsTwWib9ULRR25QTXKmm0Sp4sNkAF5znhwPNdZFTqq9Bpvi0Q7qg33v Show response
fundingchoicesmessages.google.com/f/ 40 KB
15 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVDpeSyQRqdZw19wsX7L36x3dUw28BAzE0OpfXrKczhZh932AsKZp9tUbQhDVboEcgJLPbKxoCHy4qOUIuPLD8S7eU5Ruv_CEUt232t0q2VjiUeoXTo51MrWJV4ZFyjJv67VTsTwWib9ULRR25QTXKmm0Sp4sNkAF5znhwPNdZFTqq9Bpvi0Q7qg33v?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ1OTI0NzQwLDM0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbWNjLmV4Y2hhbmdlLzIwMjIvMDIvMjYvY29pbmJhc2UtbmVlZHMtbW9yZS10aGFuLWEtYml0Y29pbi1naXZlYXdheS8iLG51bGwsW11d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.cz4YzNLI3CA.es5.O/d=1/rs=AJlcJMxL1O4iNo49HkCttkMH9ZAbEteYBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a3c70545ff0fac83011de2c8c6c9046c58c171e31e993fee3b17bb93e3d0f2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lgLOX75owgy+Otj8+0us2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lgLOX75owgy+Otj8+0us2w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Feb 2022 01:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-lgLOX75owgy+Otj8+0us2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lgLOX75owgy+Otj8+0us2w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVO6iDvQKQ-peceMSvpiLBUKgcVxL_iB5wbdAey0W-s_al91Cn1AUyKMI_Re96WfZhpw25e4qwGFty_yOZslJNBmOzWGgfzPR2MAmmYGK4HO1Ny5kuPXlHTVznnk2dH7-mdEwzhcBsvkWihDQTnccxp6kKY6RqsxSMJzP7zi5-Xo_d86yoLuaYOVoLK Show response
fundingchoicesmessages.google.com/el/ 0
25 B 64ms
63ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.cz4YzNLI3CA.es5.O/d=1/rs=AJlcJMxL1O4iNo49HkCttkMH9ZAbEteYBg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aaIpOxxKYBsMPwekhVD+YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aaIpOxxKYBsMPwekhVD+YA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:19:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-aaIpOxxKYBsMPwekhVD+YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aaIpOxxKYBsMPwekhVD+YA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXdrrkfyH4xOk3ppyQicQ9eMw9bWFTsu-orJoCdJAKQBjvLcrcSWHqlDwOxmcsqqBl_LS-ca2Xj9w5aWwCA35BSpTevyyNij-Z8PGgZGeJn5w9wPp3fbvpCDs814HyYiftkBYGSsPABRGN7yW0XXTbFOFitQubsrOwyL8SgmIF6z8DB6QIsbSFrPMTO Show response
fundingchoicesmessages.google.com/f/ 43 KB
16 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXdrrkfyH4xOk3ppyQicQ9eMw9bWFTsu-orJoCdJAKQBjvLcrcSWHqlDwOxmcsqqBl_LS-ca2Xj9w5aWwCA35BSpTevyyNij-Z8PGgZGeJn5w9wPp3fbvpCDs814HyYiftkBYGSsPABRGN7yW0XXTbFOFitQubsrOwyL8SgmIF6z8DB6QIsbSFrPMTO?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ1OTI0NzQwLDQyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tY2MuZXhjaGFuZ2UvMjAyMi8wMi8yNi9jb2luYmFzZS1uZWVkcy1tb3JlLXRoYW4tYS1iaXRjb2luLWdpdmVhd2F5LyIsbnVsbCxbXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de._SulpOB-Fmc.es5.O/d=1/rs=AJlcJMyKt2qIQCQUQJzDErIp1D5GgVhg2A/m=iabtcfv2signalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a2db78e19cd9d6202e22bf7f3a30b3e9746a0ea29abae0e75ff9c55a1119729

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Omsc3nZ8BgF3A8ThLo6VRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Omsc3nZ8BgF3A8ThLo6VRQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Feb 2022 01:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Omsc3nZ8BgF3A8ThLo6VRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Omsc3nZ8BgF3A8ThLo6VRQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoCwEDcXfMtBgzKPMDuW6_3ezzhLqyEja94Ti_mCL3AsGlgUGNXIjtpQam17BIcrydcJOrE-k5SzxDPFIIT0uWOU3LqwHzCn6ucjnnTXBo3wldMOWqcSfvmaAala9oxcKbG_WxoUnYQjY45KLITGuTYNy1pDE2kSLmKmqFyNewlhTOO17M3OiEOA44 Show response
fundingchoicesmessages.google.com/el/ 0
25 B 29ms
29ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoCwEDcXfMtBgzKPMDuW6_3ezzhLqyEja94Ti_mCL3AsGlgUGNXIjtpQam17BIcrydcJOrE-k5SzxDPFIIT0uWOU3LqwHzCn6ucjnnTXBo3wldMOWqcSfvmaAala9oxcKbG_WxoUnYQjY45KLITGuTYNy1pDE2kSLmKmqFyNewlhTOO17M3OiEOA44

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.lTR4EWpk6t8.es5.O/d=1/rs=AJlcJMyt9z906rUBzWQCyLC-g6VZbXmadg/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tL9a5MMm5Mpwu9OfqjQrDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tL9a5MMm5Mpwu9OfqjQrDQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:19:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-tL9a5MMm5Mpwu9OfqjQrDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tL9a5MMm5Mpwu9OfqjQrDQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXTDEB8iH_Mb3ZnstuS4-P0HAXt5I8jPyo8LnAIY0DJZSDQJ9f43_jY9Uy7JxKjhrw4cXLw9uSLgI41R7GmrOHbX9LQJ0Sv4qG-y9IpbeM1yER6zJsVoNIcNQ-hOLp7l_tNevRLzVWhZX36qXngQwlUJ1FvOlXvCuQKcDfkYB3ale0fZ30pQEFDAbhG Show response
fundingchoicesmessages.google.com/f/ 38 KB
14 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXTDEB8iH_Mb3ZnstuS4-P0HAXt5I8jPyo8LnAIY0DJZSDQJ9f43_jY9Uy7JxKjhrw4cXLw9uSLgI41R7GmrOHbX9LQJ0Sv4qG-y9IpbeM1yER6zJsVoNIcNQ-hOLp7l_tNevRLzVWhZX36qXngQwlUJ1FvOlXvCuQKcDfkYB3ale0fZ30pQEFDAbhG?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ1OTI0NzQwLDQ4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5LDEwXSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tY2MuZXhjaGFuZ2UvMjAyMi8wMi8yNi9jb2luYmFzZS1uZWVkcy1tb3JlLXRoYW4tYS1iaXRjb2luLWdpdmVhd2F5LyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f68bac3cbbc364c19981c7b0a4ed7c1d8d1c89b40034c2cc366f94984c02fdae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dSC9MbP1WIV5CXXLWr2Msg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dSC9MbP1WIV5CXXLWr2Msg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcc.exchange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Feb 2022 01:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-dSC9MbP1WIV5CXXLWr2Msg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dSC9MbP1WIV5CXXLWr2Msg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXhFEfQkp4VH5ko-SCL8PLc3tUPXBEkFuCLpv9H27wvCgsKQ9HUV1QyNhfGy_1N5vuRfSRYDmptothpc11f9Xpsj42UPJlrA9pBL5uhmPjiXmlFq8AyaYSayQq3n8BrMxX8zbAoX_w5Vjy77DeumGdUfZMoBFfaUzrDb9KUFyVnqo6AeQ7nES2qo9P1 Show response
fundingchoicesmessages.google.com/el/ 0
25 B 29ms
28ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXhFEfQkp4VH5ko-SCL8PLc3tUPXBEkFuCLpv9H27wvCgsKQ9HUV1QyNhfGy_1N5vuRfSRYDmptothpc11f9Xpsj42UPJlrA9pBL5uhmPjiXmlFq8AyaYSayQq3n8BrMxX8zbAoX_w5Vjy77DeumGdUfZMoBFfaUzrDb9KUFyVnqo6AeQ7nES2qo9P1

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.ZY9L_Hkyn1k.es5.O/d=1/rs=AJlcJMyvQjtR0E06i2VvX5Ss3FNNEHsDZg/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bOefnRo0Pj67h7Smjh9W+g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bOefnRo0Pj67h7Smjh9W+g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:19:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bOefnRo0Pj67h7Smjh9W+g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bOefnRo0Pj67h7Smjh9W+g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoCwEDcXfMtBgzKPMDuW6_3ezzhLqyEja94Ti_mCL3AsGlgUGNXIjtpQam17BIcrydcJOrE-k5SzxDPFIIT0uWOU3LqwHzCn6ucjnnTXBo3wldMOWqcSfvmaAala9oxcKbG_WxoUnYQjY45KLITGuTYNy1pDE2kSLmKmqFyNewlhTOO17M3OiEOA44 Show response
fundingchoicesmessages.google.com/el/ 0
25 B 64ms
64ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FiFT3gXuFPfMRDEBjBJH2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FiFT3gXuFPfMRDEBjBJH2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mcc.exchange/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Feb 2022 01:19:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mcc.exchange
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-FiFT3gXuFPfMRDEBjBJH2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FiFT3gXuFPfMRDEBjBJH2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mcc.exchange/	1970-01-20 01:12:06	Name: __cf_bm Value: ZucowWvwNBKHugZMx8KbaiHYm7tSPpbDRXLXBj5WMZs-1645924737-0-Abpqctl+GSWsWXQcXRdaRfC7YfdNOXXaDR8dikWCfgdWBzOqotcbxsQxpoQSiFXJD7Tr7p8veYph09NVjSjbV1lXJ1K8nnN8gZldAqZZVk8ku6I4I7FmTMPHTNXNcXFkyg==
.mcc.exchange/	1970-01-20 10:33:40	Name: __gads Value: ID=bc541390b21fe157-220beb5e4dcd00ae:T=1645924738:RT=1645924738:S=ALNI_MbfXmCCfZpwKLFzIPcbbt9ynqxZ7g
.doubleclick.net/	1970-01-20 01:12:05	Name: test_cookie Value: CheckForPermission
.paypal.com/	1970-01-21 03:28:52	Name: ts Value: vreXpYrS%3D1740619138%26vteXpYrS%3D1645926538%26vr%3D38c2654517f0ad045ec6b581fc4c1046%26vt%3D38c2654517f0ad045ec6b581fc4c1045%26vtyp%3Dnew
.paypal.com/	1970-01-21 03:28:52	Name: ts_c Value: vr%3D38c2654517f0ad045ec6b581fc4c1046%26vt%3D38c2654517f0ad045ec6b581fc4c1045
.mcc.exchange/	1970-01-20 09:57:40	Name: FCNEC Value: [["AKsRol8TBvpqi-6u2WpgYhky18mIYZ3gX3cD-WISJB6_Fm9TBpThi93_OJ3efksd67axHqaB9SvmF-QcD70Z3gFtmUUc56JVe_YLzsSiC0UU7gtX6QwvVhldKSWR6czMMmvj7yoltnwbg2LKNYg-qvcFPpJ28xbe1w=="],null,[]]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.hindustantimes.com
mcc.exchange
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.paypal.com
www.paypalobjects.com
142.250.181.226
151.101.1.21
151.101.130.133
2606:4700:3037::6815:1b5a
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:831::2002
2a02:26f0:fb:5a1::1833
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07847e87c13587a37e8b597c6740f0f4c9cbb40c9fab7da73a6b3ecb4cb31983
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0c8c5d0f0dc55cf4a180bab12c0b321ff6c3bff175eb34d62220e368dc318e9b
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
136239aa8c0b3a34950c35d9be02c97b70934367b50f55e5325a19780d326377
1475743ccaecf08a941ae27aee6895750ddb489422daeae1321c5ca62a3db89c
1a3c70545ff0fac83011de2c8c6c9046c58c171e31e993fee3b17bb93e3d0f2f
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2eeab1b914711a725715cfb03c690d8f665cbe1ab42dadc5128b15f3fb054b28
32c165e5f381a5f941c428a0c092ee47c98d029ad7111b2788f998a627934eaf
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6849c2f6dd45325e6d5761c53db3dd6ecf99158e9cf1eb3b4e35f7e4025cb5c0
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
7790e74e8c62fd24bd4c9f9d159139273cf5dbe28ca1134c286489f11b62fa2b
7996a13ba28f47d09f223e3ab1971511b8390b708862b5f05be497d644845538
79f960e88ce4fb72928d7261f8ae177be9149a78c585b4be72e6f29799b19ec9
7b11b5db4aeadd7805dea3091563ae8ac2f3cc0ebb3c9f6ed038b6da25902c0a
7c51f9fb51890524ad066fb1b4b69d7dc2bd923e182eb4df6d880ea593d2ce4e
863564ec7eae8ddc8ae70903df03dd09ba8705eb64a408b72127857e30853982
8a2db78e19cd9d6202e22bf7f3a30b3e9746a0ea29abae0e75ff9c55a1119729
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1d3b876ea89f9ed5ee4f4bdef3ac9e39319773f025a951161d9230cace90a09
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf
ad176763c363ca77472cd3887c89daa29ccc6a00b5c9421c0a9b14fe26507af0
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b796eae5f9e99e26029677605d2bd85b20b10128540c02c42634f24f67c8fe93
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c5f91c35fe8bb83abed5a84e06cc0e7cf674e581d315d684914f9799bec75b76
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf3b4fee23c429229c7dff18f79aeb3f843c26d312ddee8ea8ec22e71ec369c8
d2c7ae1802a74557c1dd1356ee57a4a8b1cc9398ed1949249a2df2d051baaf93
d74b97b7b3a543e1629d9ebdef5afe06853812cefcfdf40e325d93c1383d5235
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55
dc96a31cc31a935ced2d2adc4d0d2a59b0e8abc199e2f17c22b787f64f8533d4
e39344a0037a6d97ab4d2d56b7e3d2647ea833453f5a846a53daec49f08bdfb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e5e103a4446c8becd87e38e7306133c1ac5069c7c2a11bdb236e596a11ef99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e1433ca4c2978f18594eaf7d4338f1bccaf088b4f3c51f14b64071ab5923b3
f68bac3cbbc364c19981c7b0a4ed7c1d8d1c89b40034c2cc366f94984c02fdae
fb8b188afeee16e807d4f8157916f417b80bdcddbba1b762cd38b12d233e80f8

mcc.exchange Open in urlscan Pro 2606:4700:3037::6815:1b5a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

77 %IPv6

10 Domains

13 Subdomains

12 IPs

2 Countries

1213 kBTransfer

2289 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mcc.exchange Open in urlscan Pro
2606:4700:3037::6815:1b5a Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

77 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

1213 kB
Transfer

2289 kB
Size

6
Cookies

64 HTTP transactions
0 data transactions