mcorewards.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mcorewards.com/
Submission: On September 02 via api (September 2nd 2024, 1:23:47 pm UTC) from US — Scanned from CA

Summary HTTP 80 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 14 domains to perform 80 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is mcorewards.com.
TLS certificate: Issued by R11 on September 1st 2024. Valid for: 3 months.

This is the only time mcorewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
2	161.35.249.139 161.35.249.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	142.251.40.136 142.251.40.136	15169 (GOOGLE) (GOOGLE)
5	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
4	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
4	150.171.28.10 150.171.28.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	23.206.172.47 23.206.172.47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 2	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
1	142.250.81.238 142.250.81.238	15169 (GOOGLE) (GOOGLE)
8	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1 1	142.250.80.36 142.250.80.36	15169 (GOOGLE) (GOOGLE)
2	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
80	16

39 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

mcorewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.35.249.139 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sso.thanksagain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.136 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 150.171.28.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.206.172.47 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-47.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.38 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

9785471.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.36 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	mcorewards.com mcorewards.com	818 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	5 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 c.clarity.ms — Cisco Umbrella Rank: 1838 o.clarity.ms — Cisco Umbrella Rank: 12757	29 KB
5	doubleclick.net 2 redirects td.doubleclick.net — Cisco Umbrella Rank: 481 9785471.fls.doubleclick.net ad.doubleclick.net Failed googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	744 B
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	17 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	135 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	79 KB
4	gstatic.com fonts.gstatic.com	32 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	367 KB
2	thanksagain.com sso.thanksagain.com
1	google.ca www.google.ca — Cisco Umbrella Rank: 9677	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10	24 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	3 KB
80	14

	Domain	Requested by
39	mcorewards.com	mcorewards.com
8	www.facebook.com
4	analytics.tiktok.com	mcorewards.com analytics.tiktok.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
4	fonts.gstatic.com
4	www.googletagmanager.com	mcorewards.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	9785471.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	sso.thanksagain.com	mcorewards.com
1	o.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	www.google.ca
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
0	ad.doubleclick.net Failed
80	20

This site contains links to these domains. Also see Links.

Domain
sso.thanksagain.com
orlandoairports.net

Subject Issuer	Validity	Valid
mcorewards.com R11	`2024-09-01` - `2024-11-30`	3 months	crt.sh
sso.thanksagain.com Network Solutions RSA DV SSL CA 3	`2024-04-02` - `2025-04-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-11` - `2024-09-09`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.googleadservices.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://mcorewards.com/
Frame ID: F25BB5E7157C81FA05D9121607E95E23
Requests: 78 HTTP requests in this frame

Frame: https://sso.thanksagain.com/realms/mco/protocol/openid-connect/3p-cookies/step1.html
Frame ID: 57A670B7835E4D3179DEB9DFA4865C51
Requests: 1 HTTP requests in this frame

Frame: https://sso.thanksagain.com/realms/mco/protocol/openid-connect/login-status-iframe.html
Frame ID: 3A25E42C47274E9A854EAAD9AB09338C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11229901576?random=1725283419400&cv=11&fst=1725283419400&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: 390FDBDDDBEEA86D4F52851DB6889071
Requests: 1 HTTP requests in this frame

Frame: https://9785471.fls.doubleclick.net/activityi;dc_pre=CJ7BhMutpIgDFa7IwgQd2eAw0g;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F
Frame ID: 1893E275D3238D92D6A0947F723ACC2A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F
Frame ID: 772DDBDE8D1DC633AA7FBC16E41129C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | MCO Rewards

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

80
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

16
IPs

1
Countries

1483 kB
Transfer

4103 kB
Size

31
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://sso.thanksagain.com/realms/mco/protocol/openid-connect/auth?client_id=thanksagain-front-end&redirect_uri=https%3A%2F%2Fmcorewards.com%2F&state=46470f74-c15c-4024-be80-5b84553759cb&response_mode=fragment&response_type=code&scope=openid&nonce=1a079f1e-e032-48d1-b272-548fb3412a58
Title: Sign In

Search URL Search Domain Scan URL

URL: https://sso.thanksagain.com/realms/mco/protocol/openid-connect/registrations?client_id=thanksagain-front-end&redirect_uri=https%3A%2F%2Fmcorewards.com%2F&state=f009b80b-0256-4547-9920-4d4a06c93d73&response_mode=fragment&response_type=code&scope=openid&nonce=19104abb-21a3-45ac-8bb6-1856ec041cda
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://sso.thanksagain.com/realms/mco/protocol/openid-connect/registrations?client_id=thanksagain-front-end&redirect_uri=https%3A%2F%2Fmcorewards.com%2F&state=b1300ba0-78c6-4148-870c-099976386474&response_mode=fragment&response_type=code&scope=openid&nonce=c07f209a-5bc6-4167-804d-a125acd2c54b
Title: Sign Up Now

Search URL Search Domain Scan URL

URL: https://sso.thanksagain.com/realms/mco/protocol/openid-connect/auth?client_id=thanksagain-front-end&redirect_uri=https%3A%2F%2Fmcorewards.com%2F&state=c565064d-8aa7-4836-b365-dba7e0b4eddd&response_mode=fragment&response_type=code&scope=openid&nonce=4167f297-9dcb-4130-8123-a6aa359ac725
Title: Sign In

Search URL Search Domain Scan URL

URL: https://orlandoairports.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://9785471.fls.doubleclick.net/activityi;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F HTTP 302
https://9785471.fls.doubleclick.net/activityi;dc_pre=CJ7BhMutpIgDFa7IwgQd2eAw0g;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F

Request Chain 60

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&eitems=ChEI8MTVtgYQxZbrvLXN2qDsARIdAGZ0zPMWS-AJVzRkNYV_5e08YtCGj1jPBK-TN0M&pscrd=IhMIucv5yq2kiAMVGQ1oCB35Pz2hMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL21jb3Jld2FyZHMuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIucv5yq2kiAMVGQ1oCB35Pz2hMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL21jb3Jld2FyZHMuY29tLw&is_vtc=1&cid=CAQSGwDpaXnfHK-wDO3Agq59mtmvhRp2XkGH-a3MRQ&eitems=ChEI8MTVtgYQxZbrvLXN2qDsARIdAGZ0zPN-L7MLyCyVuHjoIxce8X_0SNh5Rzy1-SQ&random=2413835671 HTTP 302
https://www.google.ca/pagead/1p-conversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIucv5yq2kiAMVGQ1oCB35Pz2hMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL21jb3Jld2FyZHMuY29tLw&is_vtc=1&cid=CAQSGwDpaXnfHK-wDO3Agq59mtmvhRp2XkGH-a3MRQ&eitems=ChEI8MTVtgYQxZbrvLXN2qDsARIdAGZ0zPN-L7MLyCyVuHjoIxce8X_0SNh5Rzy1-SQ&random=2413835671&ipr=y

Request Chain 78

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7AF35F6ED6774C21AECEB0F5FA717FB7&RedC=c.clarity.ms&MXFR=1C49692ECFEA6D7A0EDF7DC0CBEA6322 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7AF35F6ED6774C21AECEB0F5FA717FB7&MUID=0DE2DD9DC70369453C9FC973C62968F8

80 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mcorewards.com/ 10 KB
3 KB 330ms
75ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

59ab11a80b8975391924d752fb8b3256cd88885cffcdb2af4f56652469013629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 02 Sep 2024 13:23:38 GMT
etag: W/"2bp92znubo813"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-id: iad1::iad1::vkvx6-1725283418090-55267e189799

GET
H2 200 bef403e4b51110e5.css
mcorewards.com/_next/static/css/ 11 KB
4 KB 54ms
53ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/css/bef403e4b51110e5.css

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e1b6973fc4bc3be97747a392a351fc6ccde7b1615d86b0a454e151e227ae4b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::srrmt-1725283418209-4c472a945859
age: 5521380
x-matched-path: /_next/static/css/bef403e4b51110e5.css
etag: W/"6be4abe1ef58dad27c0842d35dd4c3cd"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="bef403e4b51110e5.css"

GET
H2 200 webpack-e36ffddd6be2b40c.js Show response
mcorewards.com/_next/static/chunks/ 6 KB
3 KB 54ms
54ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/webpack-e36ffddd6be2b40c.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9822dbe8b9dd9f79bea569554238808971d2ae0f89cf16f8941e09baddd72013

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::lcjj6-1725283418209-562f3542012b
age: 5521380
x-matched-path: /_next/static/chunks/webpack-e36ffddd6be2b40c.js
etag: W/"a071ec0dd261f947ba73a17980e745da"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-e36ffddd6be2b40c.js"

GET
H2 200 framework-4e455cd48f2147ae.js Show response
mcorewards.com/_next/static/chunks/ 206 KB
60 KB 45ms
44ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/framework-4e455cd48f2147ae.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d0abe7a6fda5751ded493e59a10416ffe77dcae3c2b95985bba6c537edf4632f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::r9cx5-1725283418406-83f2aa786d8c
age: 5521380
x-matched-path: /_next/static/chunks/framework-4e455cd48f2147ae.js
etag: W/"b55054d8dbbcb1d416945e9bdd2b6dda"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-4e455cd48f2147ae.js"

GET
H2 200 main-5f62ca318ada3ed4.js Show response
mcorewards.com/_next/static/chunks/ 136 KB
40 KB 85ms
80ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

52ff9dc357d5d48b58f382997ff4f37e30ddf789db91e101e010302b04b9bc58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::ljjvz-1725283418424-f5a61a0ff578
age: 5521380
x-matched-path: /_next/static/chunks/main-5f62ca318ada3ed4.js
etag: W/"bb7dd1852f545f08cd8f5ea8d031840b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-5f62ca318ada3ed4.js"

GET
H2 200 _app-530e70fdae28d367.js Show response
mcorewards.com/_next/static/chunks/pages/ 603 KB
174 KB 84ms
79ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/pages/_app-530e70fdae28d367.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c7fb18d780098b3be80a9545c0b81c447405fae5902b754726778e6c91a668e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::gskfl-1725283418425-334acbb0a62d
age: 5521380
x-matched-path: /_next/static/chunks/pages/_app-530e70fdae28d367.js
etag: W/"237e01547a74ce56fb013edf0cc4f394"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-530e70fdae28d367.js"

GET
H2 200 9127-7dae2acbe053d8ae.js Show response
mcorewards.com/_next/static/chunks/ 45 KB
14 KB 59ms
55ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/9127-7dae2acbe053d8ae.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

37105f1774a89ac28114173b0cdf9196def2d6619c77f809b6a55d414c14d438

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::hvs7p-1725283418425-e162413ef85e
age: 5521380
x-matched-path: /_next/static/chunks/9127-7dae2acbe053d8ae.js
etag: W/"7abe14344e0a5d6e15b135b48cf0e8cf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="9127-7dae2acbe053d8ae.js"

GET
H2 200 5181-b022639b3f39601b.js Show response
mcorewards.com/_next/static/chunks/ 14 KB
5 KB 83ms
78ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/5181-b022639b3f39601b.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6bffe6a484635172064ba14b9191a004d05d53a2704ed19173c2949221a213e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::rzgx9-1725283418425-70fbf807acad
age: 5521380
x-matched-path: /_next/static/chunks/5181-b022639b3f39601b.js
etag: W/"da3a81cfdc5621dafaf82ec8476bbb66"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5181-b022639b3f39601b.js"

GET
H2 200 5345-6d5b240a7735e8aa.js Show response
mcorewards.com/_next/static/chunks/ 14 KB
6 KB 54ms
50ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/5345-6d5b240a7735e8aa.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

06c9367db3c6c80cc3011eaf8effc230c922ccbbc5985a551824c577600d521d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::xjkg6-1725283418425-54a74a1a2303
age: 5521380
x-matched-path: /_next/static/chunks/5345-6d5b240a7735e8aa.js
etag: W/"48381870c4ae5eb447a7ac8b8418c3db"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5345-6d5b240a7735e8aa.js"

GET
H2 200 9755-ae46e3c21d22ff17.js Show response
mcorewards.com/_next/static/chunks/ 9 KB
4 KB 58ms
54ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/9755-ae46e3c21d22ff17.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

05c9aba3536fa736f0799ac58ef75c8251348faa5c0af9a1129da9284c047b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::pxq68-1725283418425-39e940f874d4
age: 5521380
x-matched-path: /_next/static/chunks/9755-ae46e3c21d22ff17.js
etag: W/"18ce7411436a29653e7bdaa65abce81b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="9755-ae46e3c21d22ff17.js"

GET
H2 200 8765-b87370c283a6bd4d.js Show response
mcorewards.com/_next/static/chunks/ 23 KB
9 KB 58ms
55ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/8765-b87370c283a6bd4d.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c68c2bb11cbcef4ddd435ef7c47709d1be853385bdd6a31ab432b81feb77441d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::cblnv-1725283418425-fcb5c974e578
age: 5521380
x-matched-path: /_next/static/chunks/8765-b87370c283a6bd4d.js
etag: W/"e9fdd0c6ee901f990d7d7142c3bc7018"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8765-b87370c283a6bd4d.js"

GET
H2 200 1863-7d3ad085f89ba1b4.js Show response
mcorewards.com/_next/static/chunks/ 11 KB
4 KB 60ms
56ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/1863-7d3ad085f89ba1b4.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a9009bb8120ac30eed7847612ce3703d05a0a854ee7921563cb493c7f7fb7c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::gwhzz-1725283418425-af92f8b7df1f
age: 5521380
x-matched-path: /_next/static/chunks/1863-7d3ad085f89ba1b4.js
etag: W/"7f4c9ef9f132972d1b403e1c05797ca8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1863-7d3ad085f89ba1b4.js"

GET
H2 200 626-b36b5982a09c1776.js Show response
mcorewards.com/_next/static/chunks/ 11 KB
4 KB 83ms
80ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/626-b36b5982a09c1776.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

157ee6ffea4226196d64b56ef4cc64e4f696ac34a9b5f3cd656514ceebb16713

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::tv2t7-1725283418425-892cde89f10b
age: 5521380
x-matched-path: /_next/static/chunks/626-b36b5982a09c1776.js
etag: W/"2eca446db63dc82099c68be967497b36"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="626-b36b5982a09c1776.js"

GET
H2 200 2614-f644e456b8f77bec.js Show response
mcorewards.com/_next/static/chunks/ 30 KB
9 KB 111ms
108ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/2614-f644e456b8f77bec.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

adcdf8b75c895e438bc29ce95a6045b7816586a4e6026f2fadef71014cd75947

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::gskfl-1725283418449-f25dd5276760
age: 5521380
x-matched-path: /_next/static/chunks/2614-f644e456b8f77bec.js
etag: W/"1d8b7daf4de122fba3295150e8754a41"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="2614-f644e456b8f77bec.js"

GET
H2 200 1928-b75013558d5dfd91.js Show response
mcorewards.com/_next/static/chunks/ 21 KB
8 KB 111ms
109ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/1928-b75013558d5dfd91.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2257bd7d9a7f8c184bce092d967a7886930098e7d73f57090ddf469dd42852c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::gwhzz-1725283418449-992b072895e6
age: 5521380
x-matched-path: /_next/static/chunks/1928-b75013558d5dfd91.js
etag: W/"5e822179032a8211e530ffbd7c35ba1e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1928-b75013558d5dfd91.js"

GET
H2 200 4466-2f09aad6e5fea24b.js Show response
mcorewards.com/_next/static/chunks/ 94 KB
30 KB 109ms
106ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/4466-2f09aad6e5fea24b.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4552450eafca9e5afaab32cb2c996d2e2a6e3a5de7c0cd5557d0be5b1cc07837

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::cblnv-1725283418449-7d4410599708
age: 5521380
x-matched-path: /_next/static/chunks/4466-2f09aad6e5fea24b.js
etag: W/"92384468f92a3a8122c7ef9ad7720278"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4466-2f09aad6e5fea24b.js"

GET
H2 200 734-0e179597602b6b9b.js Show response
mcorewards.com/_next/static/chunks/ 21 KB
7 KB 108ms
105ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/734-0e179597602b6b9b.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b4b5b542be45106c78a0f2fe9c07599aa86059479f09405139959ee476098b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::xjkg6-1725283418449-642b429c3787
age: 5521380
x-matched-path: /_next/static/chunks/734-0e179597602b6b9b.js
etag: W/"67a391014c4df5cf954fe8f6bc567ab3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="734-0e179597602b6b9b.js"

GET
H2 200 index-7b3c44c3b20d2ebf.js Show response
mcorewards.com/_next/static/chunks/pages/ 103 KB
44 KB 114ms
112ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/pages/index-7b3c44c3b20d2ebf.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

48b6bbd3fe2ec88ab3bc5c965f5b8b6064486d35575112ec7412b6d3e2e54c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::hvs7p-1725283418449-9a9dabc33a78
age: 837234
x-matched-path: /_next/static/chunks/pages/index-7b3c44c3b20d2ebf.js
etag: W/"5cc147182d4883aeaf9ba1f777ad47a7"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="index-7b3c44c3b20d2ebf.js"

GET
H2 200 _buildManifest.js Show response
mcorewards.com/_next/static/Bkf1dW4cdXmI7VYgmZvTw/ 2 KB
1 KB 110ms
108ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/Bkf1dW4cdXmI7VYgmZvTw/_buildManifest.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4b01d2ecfbe2c91e2929edb550118aac1d40838467e256bec3c21006a41d3e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::lcjj6-1725283418449-f7d396fd987d
age: 5521380
x-matched-path: /_next/static/Bkf1dW4cdXmI7VYgmZvTw/_buildManifest.js
etag: W/"54fbd0fd33b2a6cf2b3faba99a4bfdcc"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 _ssgManifest.js Show response
mcorewards.com/_next/static/Bkf1dW4cdXmI7VYgmZvTw/ 77 B
251 B 113ms
112ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/Bkf1dW4cdXmI7VYgmZvTw/_ssgManifest.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::pxq68-1725283418449-2e405d82ad36
age: 5521380
x-matched-path: /_next/static/Bkf1dW4cdXmI7VYgmZvTw/_ssgManifest.js
etag: "b6652df95db52feb4daf4eca35380933"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 77

GET
H/1.1 200
OK step1.html
sso.thanksagain.com/realms/mco/protocol/openid-connect/3p-cookies/ Frame 57A6 0
0 117ms
36ms Document
text/html 161.35.249.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.thanksagain.com/realms/mco/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/pages/_app-530e70fdae28d367.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

161.35.249.139 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mcorewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 2318
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Mon, 02 Sep 2024 13:23:38 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 319 KB
102 KB 274ms
83ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52ZDT5T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

17a5fe1b555cd2d880acff3bfee37b6291a350e20fb03f608c35e0701ed62318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103547
x-xss-protection: 0
last-modified: Mon, 02 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Sep 2024 13:23:38 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 203ms
36ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
Origin: https://mcorewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:27:23 GMT
x-content-type-options: nosniff
age: 280575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 07:27:23 GMT

GET
H2 200 mco_favicon.ico
mcorewards.com/ 15 KB
3 KB 43ms
42ms Other
image/vnd.microsoft.icon 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/mco_favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

27c4f14a97bcfc14a879dd3bb5b35d49de881cb3a1b179627eac02348e904ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::cblnv-1725283418904-453cbdcd1175
age: 5502535
x-matched-path: /mco_favicon.ico
etag: W/"38e3863d14672320260bd61742a37dc7"
x-vercel-cache: HIT
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="mco_favicon.ico"

GET
H/1.1 200
OK login-status-iframe.html
sso.thanksagain.com/realms/mco/protocol/openid-connect/ Frame 3A25 0
0 36ms
36ms Document
text/html 161.35.249.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.thanksagain.com/realms/mco/protocol/openid-connect/login-status-iframe.html

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/pages/_app-530e70fdae28d367.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

161.35.249.139 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mcorewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 4049
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Mon, 02 Sep 2024 13:23:39 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 79ms
78ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DKP1ZLE998&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52ZDT5T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b55e024e02fa3511d0cb9269d22544f4d70dac2331a2619df17bb9b62d424dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Sep 2024 13:23:39 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 72ms
71ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9785471&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52ZDT5T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

45496957f7606bd7243d4e19a5c43cdb4714331d6c17839e728b40a57052b1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78838
x-xss-protection: 0
last-modified: Mon, 02 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Sep 2024 13:23:39 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 95ms
41ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52ZDT5T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 13:23:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 56
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4284, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: Arpm9e4kDdT2U8HiVR7J4ZIdf3J8Mrz2kOZFiXbuCiz6PfQQzXPf0Ew3+FN+ol/MTzlxgcGICp/bbOeSO7G56w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 242 KB
86 KB 80ms
79ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11229901576&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52ZDT5T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c6dc84558866ddd0633ccdb49b02824af846e09c2b92ca7c39f7c4ef576d863f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87932
x-xss-protection: 0
last-modified: Mon, 02 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Sep 2024 13:23:39 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 602ms
120ms Script
application/javascript 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52ZDT5T&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 02 Sep 2024 13:23:39 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DFAABF2B857745A3BA9873FBE04C6CC6 Ref B: YTO01EDGE0821 Ref C: 2024-09-02T13:23:39Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 233ms
139ms Script
application/javascript 23.206.172.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CL0IL5RC77U0CK809E2G&lib=ttq
Requested by: Host: mcorewards.com
URL: https://mcorewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.47 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 38fa7f602ac94915ae4236cfc44d582b76e12559d3d741e70bfe7769be03c229

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 114592a0
date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240902132339BA22CA77E4CDA2CFBD5F-4DC15DBB6D48AA8F-00
x-cache: TCP_MISS from a23-58-89-82.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=14, origin; dur=17
content-length: 2062
pragma: no-cache
server: nginx
x-tt-logid: 20240902132339BA22CA77E4CDA2CFBD5F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.58.89.82
x-tt-trace-host: 011638076690c7499bd9859f1e61fb4d04f7a999fcc3aa08d924feabc813d30d10e6c667df942e264a666cb74558a523041213e4ef74d9dce7cc0a6736905bf4c94ba2350d23ad52aa13b5cc95b7a3cedb402b42e0189acd3602dbb08f99fd41cc
expires: Mon, 02 Sep 2024 13:23:39 GMT

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c57428681de56dcd18f570e61bd390565c27b070bf309debc22cb0c63410cd4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8e9e1119ac315446ec96145a8decdcb40d26265f872705e4d364a8f2cb1dff9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00147d1d0d8de849ef99e6ac7780e74b0d8e9fdbec2d272a50cccc714e5196b1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 51ms
49ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
Origin: https://mcorewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 06:24:51 GMT
x-content-type-options: nosniff
age: 284328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7992
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 06:24:51 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 34ms
32ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
Origin: https://mcorewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 06:35:54 GMT
x-content-type-options: nosniff
age: 283665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7848
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 06:35:54 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 39ms
38ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
Origin: https://mcorewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 17:00:34 GMT
x-content-type-options: nosniff
age: 246185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7740
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 17:00:34 GMT

GET
H2 200 Gotham-Book.otf
mcorewards.com/fonts/ 163 KB
69 KB 50ms
48ms Font
font/otf 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/fonts/Gotham-Book.otf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

39a0be6269a3b75d80eee6bb7e63e6797d6808514417287d9c2dca9780b48b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
Origin: https://mcorewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::xjkg6-1725283419373-ebfe5e23a2ee
age: 5521380
x-matched-path: /fonts/Gotham-Book.otf
etag: W/"6f8eacd611b2414da7d46d7fba0b02e8"
x-vercel-cache: HIT
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="Gotham-Book.otf"

GET
H2 200 image
mcorewards.com/_next/ 98 KB
98 KB 79ms
75ms Image
image/webp 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcorewards.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fmco_main_cover.64320c4a.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e0a196f4bcdf7ea753b07040843d80308b6ef0db2f4c936b211fc6658df715eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Mon, 02 Sep 2024 13:23:39 GMT
strict-transport-security: max-age=63072000
age: 397530
x-vercel-imgsrc: 8ec1ec934429ca87122df6917ad43e59
content-disposition: inline; filename="mco_main_cover.webp"
content-length: 100342
last-modified: Wed, 28 Aug 2024 22:58:09 GMT
server: Vercel
x-vercel-id: iad1::ks8dn-1725283419373-a1df82a56896
x-matched-path: /_next/static/media/mco_main_cover.64320c4a.jpg
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 image
mcorewards.com/_next/ 60 KB
60 KB 77ms
74ms Image
image/webp 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcorewards.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fmco_logo.cfc233b1.png&w=3840&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18b6b23e3cc1f419148d976a0e26af5df99bf195b0263fea327bb3a662735fcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Mon, 02 Sep 2024 13:23:39 GMT
strict-transport-security: max-age=63072000
age: 763908
x-vercel-imgsrc: 85d0e203847ee7d58060ab23612631a5
content-disposition: inline; filename="mco_logo.webp"
content-length: 61292
last-modified: Sat, 24 Aug 2024 17:11:50 GMT
server: Vercel
x-vercel-id: iad1::wprp6-1725283419373-b85bbec5e3c9
x-matched-path: /_next/static/media/mco_logo.cfc233b1.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 image
mcorewards.com/_next/ 55 KB
56 KB 104ms
101ms Image
image/webp 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcorewards.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fmco_logo_white.29d92f9e.png&w=3840&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d226328e3fca899e73c5cd06042b15374c517575f51834f17cada1eb9fc9719c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Mon, 02 Sep 2024 13:23:39 GMT
strict-transport-security: max-age=63072000
age: 763461
x-vercel-imgsrc: 318de729a9c2eb3d0698e2f7317c5ec0
content-disposition: inline; filename="mco_logo_white.webp"
content-length: 56802
last-modified: Sat, 24 Aug 2024 17:19:17 GMT
server: Vercel
x-vercel-id: iad1::2dk98-1725283419374-568f5ad13248
x-matched-path: /_next/static/media/mco_logo_white.29d92f9e.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 image
mcorewards.com/_next/ 38 KB
38 KB 128ms
125ms Image
image/webp 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcorewards.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fgoaa_logo.4c06a8c8.png&w=2048&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

abccc9c25bd44dfb1d23ba908a02a265a6ab7e7a26275afd095b4bb8469c31bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Mon, 02 Sep 2024 13:23:39 GMT
strict-transport-security: max-age=63072000
age: 583013
x-vercel-imgsrc: bf9b2eb30a7bf90d9ed402f2beffb653
content-disposition: inline; filename="goaa_logo.webp"
content-length: 38564
last-modified: Mon, 26 Aug 2024 19:26:45 GMT
server: Vercel
x-vercel-id: iad1::cblnv-1725283419374-fffdf6c4ca6e
x-matched-path: /_next/static/media/goaa_logo.4c06a8c8.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 script.js Show response
mcorewards.com/_vercel/insights/ 2 KB
1 KB 124ms
124ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_vercel/insights/script.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/pages/_app-530e70fdae28d367.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

52c33e15c3d7e4924c94171c8917a0239551234f0d3b602d5f4c55a244d839ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: iad1:iad1:iad1::w649z-1725283419375-ab8bd632193d
age: 71
etag: W/"fcf06e135949a699d8950fec18d1a14a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="script.js"

GET
H3 200 3383637721951290 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 204ms
204ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3383637721951290?v=2.9.166&r=stable&domain=mcorewards.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

45d5b0ffa76a554988b91a734cca51a2a7d5a454df5e7756866d626632976832

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 13:23:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 51
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=72, mss=1232, tbw=66922, tp=63, tpl=0, uplat=162, ullat=0
pragma: public
x-fb-debug: AmvwvdxtLuQgKcoLCAEAAlb/FBB1EZRNFdbL4cDFGy3Fk+bmFNRlU/eI5j2FCmls9NuyEVOwxQ/wvpJzLsoH2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11229901576/ 5 KB
3 KB 311ms
61ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11229901576/?random=1725283419400&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11229901576&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

f858b401b10657337ba0b836c918ac5e46e57f85c6e215e116a06a4d486e21f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2555
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11229901576
td.doubleclick.net/td/rul/ Frame 390F 0
0 455ms
205ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11229901576?random=1725283419400&cv=11&fst=1725283419400&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11229901576&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Sep 2024 13:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJ7BhMutpIgDFa7IwgQd2eAw0g;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
9785471.fls.doubleclick.net/ Frame 1893
Redirect Chain

https://9785471.fls.doubleclick.net/activityi;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
https://9785471.fls.doubleclick.net/activityi;dc_pre=CJ7BhMutpIgDFa7IwgQd2eAw0g;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab...

0
0

107ms
106ms

Document
text/html

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9785471.fls.doubleclick.net/activityi;dc_pre=CJ7BhMutpIgDFa7IwgQd2eAw0g;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9785471&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 997
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Sep 2024 13:23:39 GMT
expires: Mon, 02 Sep 2024 13:23:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Sep 2024 13:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9785471.fls.doubleclick.net/activityi;dc_pre=CJ7BhMutpIgDFa7IwgQd2eAw0g;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=4...
td.doubleclick.net/td/fls/rul/ Frame 772D 0
0 260ms
62ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9785471&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Sep 2024 13:23:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activity;register_conversion=1;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
ad.doubleclick.net/ 0
0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 265ms
47ms Fetch
text/plain 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DKP1ZLE998&gtm=45je48s0v9127146300z89127146742za200zb9127146742&_p=1725283418699&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=654289316.1725283420&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725283419&sct=1&seg=0&dl=https%3A%2F%2Fmcorewards.com%2F&dt=Home%20%7C%20MCO%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1802
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKP1ZLE998&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 13:23:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mcorewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redeem-e9fb4f9b4d1e6f48.js
mcorewards.com/_next/static/chunks/pages/ 0
8 KB 48ms
47ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/pages/redeem-e9fb4f9b4d1e6f48.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::27pnl-1725283419741-e403af587955
age: 5521378
x-matched-path: /_next/static/chunks/pages/redeem-e9fb4f9b4d1e6f48.js
etag: W/"130acb84ffdf4a69f3c7d3088d3b605d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="redeem-e9fb4f9b4d1e6f48.js"

GET
H2 200 5000-f15ab19401fbbab2.js
mcorewards.com/_next/static/chunks/ 0
18 KB 54ms
50ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/5000-f15ab19401fbbab2.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::q5swv-1725283419794-2815d4a104ed
age: 5521380
x-matched-path: /_next/static/chunks/5000-f15ab19401fbbab2.js
etag: W/"80a7b3f7051797a66a05713a81754e97"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5000-f15ab19401fbbab2.js"

GET
H2 200 5428-0da23ea7a41d767a.js
mcorewards.com/_next/static/chunks/ 0
8 KB 47ms
43ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/5428-0da23ea7a41d767a.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::27pnl-1725283419790-e2407334fc76
age: 5521380
x-matched-path: /_next/static/chunks/5428-0da23ea7a41d767a.js
etag: W/"85b5da9dd046c2a4b3b57ebeb02a600d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5428-0da23ea7a41d767a.js"

GET
H2 200 8088-8bae949f9c12e20b.js
mcorewards.com/_next/static/chunks/ 0
19 KB 48ms
45ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/8088-8bae949f9c12e20b.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::lqzwl-1725283419790-cfbe8b809979
age: 5521380
x-matched-path: /_next/static/chunks/8088-8bae949f9c12e20b.js
etag: W/"7772d2577751aa2e36ec6ee59f2835d5"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8088-8bae949f9c12e20b.js"

GET
H2 200 earn-9fa3fa8e44541d68.js
mcorewards.com/_next/static/chunks/pages/ 0
9 KB 47ms
44ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_next/static/chunks/pages/earn-9fa3fa8e44541d68.js

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::vkvx6-1725283419790-b505d7f563bc
age: 825265
x-matched-path: /_next/static/chunks/pages/earn-9fa3fa8e44541d68.js
etag: W/"0218b28b35de7f1ac9aeb448fbc8e244"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="earn-9fa3fa8e44541d68.js"

GET
H2 200 main.MTZlYmMyNjliMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 334 KB
93 KB 47ms
36ms Script
application/javascript 23.206.172.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CL0IL5RC77U0CK809E2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.47 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 97cb5582858b04ad514c84f116de94e931849838034ef1f324beda5f60514c06

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11459433
date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408300225316154CDD92B31D184000E
x-tt-trace-id: 00-2408300225316154CDD92B31D184000E-69E652444ABA7AF9-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-58-89-82.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012396d32eb32b20f5ef6a090c1fe42de6ac21bf8d53fad164fe126df8bfca91bb6a2ef5f4ea8251f79255dbc52e0ddc4baabff633ecb8442c7da83e64367db7732697c10bf7ddaef0bd21cadc8501f3fe3982949d2de1dfd6da21b9321df1e6c0
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 94509

POST
H2 200 view Show response
mcorewards.com/_vercel/insights/ 2 B
171 B 322ms
314ms Fetch
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcorewards.com/_vercel/insights/view

Requested by

Host: mcorewards.com
URL: https://mcorewards.com/_vercel/insights/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: iad1::6dpq6-1725283419729-310499dc7370
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
x-ratelimit-limit: 1000
x-ratelimit-reset: 60
content-length: 2

GET
H3 200 1043085696836673 Show response
connect.facebook.net/signals/config/ 27 KB
3 KB 222ms
217ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1043085696836673?v=2.9.166&r=stable&domain=mcorewards.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

6d154188db381aba8ce971b88d131c23e862117dbb8151c1826ab7ce421921af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 13:23:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=84, mss=1232, tbw=82218, tp=79, tpl=0, uplat=183, ullat=0
pragma: public
x-fb-debug: dWEK+2IcDoGVs6Y/4wzVcVj16bx+nH4iDiMurrOnvqWAZLsWuKjJDEJ0EpJa0LqG10UWCQzsoM0onvRec2t6xw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 124ms
34ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3383637721951290&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283419770&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=2799, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 13:23:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 233ms
147ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3383637721951290&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283419770&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&tm=1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 13:23:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410035862499517666", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=12, mss=1316, tbw=3117, tp=-1, tpl=-1, uplat=106, ullat=0
pragma: no-cache
x-fb-debug: gNKqLm8YMMn4fIWf5n0eD+N1qm2NE4vTxscm3DDwwJygncaavcr6yPehpgcEdeXOQK83GFjWyL6HJQFXzQi/hA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410035862499517666"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bef403e4b51110e5.css Show response
mcorewards.com/_next/static/css/ 11 KB
0 0ms
0ms Fetch
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcorewards.com/_next/static/css/bef403e4b51110e5.css
Requested by: Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: e1b6973fc4bc3be97747a392a351fc6ccde7b1615d86b0a454e151e227ae4b33

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:38 GMT
content-encoding: br
server: Vercel
x-vercel-id: iad1::srrmt-1725283418209-4c472a945859
age: 5521380
x-matched-path: /_next/static/css/bef403e4b51110e5.css
etag: W/"6be4abe1ef58dad27c0842d35dd4c3cd"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="bef403e4b51110e5.css"

GET
H3

200

/
www.google.ca/pagead/1p-conversion/11229901576/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l...
https://www.google.com/pagead/1p-conversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp...
https://www.google.ca/pagead/1p-conversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=...

42 B
64 B

134ms
59ms

Image
image/gif

142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIucv5yq2kiAMVGQ1oCB35Pz2hMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL21jb3Jld2FyZHMuY29tLw&is_vtc=1&cid=CAQSGwDpaXnfHK-wDO3Agq59mtmvhRp2XkGH-a3MRQ&eitems=ChEI8MTVtgYQxZbrvLXN2qDsARIdAGZ0zPN-L7MLyCyVuHjoIxce8X_0SNh5Rzy1-SQ&random=2413835671&ipr=y

Protocol

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 13:23:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Sep 2024 13:23:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/11229901576/?random=1907462119&cv=11&fst=1725283419400&bg=ffffff&guid=ON&async=1&gtm=45be48s0z89127146742za201zb9127146742&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcorewards.com%2F&label=cUzgCPr9nLgYEIjm6uop&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20MCO%20Rewards&value=0&npa=0&pscdl=noapi&auid=931993302.1725283419&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIucv5yq2kiAMVGQ1oCB35Pz2hMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL21jb3Jld2FyZHMuY29tLw&is_vtc=1&cid=CAQSGwDpaXnfHK-wDO3Agq59mtmvhRp2XkGH-a3MRQ&eitems=ChEI8MTVtgYQxZbrvLXN2qDsARIdAGZ0zPN-L7MLyCyVuHjoIxce8X_0SNh5Rzy1-SQ&random=2413835671&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 283011949.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 50ms
49ms Script
application/javascript 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/283011949.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7cf256219059010bc1c734a4d59eff43e74c0ed51f1e894d40f6075a5be5a23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 02 Sep 2024 13:23:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5F3A297E88EB46FE9CA70AD2BB86414C Ref B: YTO01EDGE0821 Ref C: 2024-09-02T13:23:39Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 redeem-e9fb4f9b4d1e6f48.js Show response
mcorewards.com/_next/static/chunks/pages/ 22 KB
0 0ms
0ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcorewards.com/_next/static/chunks/pages/redeem-e9fb4f9b4d1e6f48.js
Requested by: Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: 92dd24679d20e1e29834bd5e2625cd56c164a8e9e39268d229849b984b482094

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
server: Vercel
x-vercel-id: iad1::27pnl-1725283419741-e403af587955
age: 5521378
x-matched-path: /_next/static/chunks/pages/redeem-e9fb4f9b4d1e6f48.js
etag: W/"130acb84ffdf4a69f3c7d3088d3b605d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="redeem-e9fb4f9b4d1e6f48.js"

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 64ms
64ms Script
application/javascript 23.206.172.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.47 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 114594e8
date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408300225272DCF0E49A25075B1263C
x-tt-trace-id: 00-2408300225272DCF0E49A25075B1263C-578A250FEB8B6FD1-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-58-89-82.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01219296fdbd6215c6ae9d1a5d5202510208699a917ea6bcb6a4a8867b5d0e3a82d275eead75f3ccdd7d419bc9d104e23828796e3478be100caab845546542c62c26bc38f14dbbc3b17887aead0622e6b449c5088362f1c101f4660cd6821aad8b
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=9
content-length: 39485

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 95ms
91ms Ping
text/plain 23.206.172.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.47 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 114594e9
date: Mon, 02 Sep 2024 13:23:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240902132339B34309F1F7ABDED7222F-681836FA5AA5F7DE-00
x-cache: TCP_MISS from a23-58-89-82.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
server-timing: inner; dur=22, cdn-cache; desc=MISS, edge; dur=7, origin; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240902132339B34309F1F7ABDED7222F
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.58.89.82
x-tt-trace-host: 011638076690c7499bd9859f1e61fb4d04f7a999fcc3aa08d924feabc813d30d100fa212bf2b53aa1638a4c0366df1f224e3fe1562f8a9bdf75edeeebb23497b527c750f817d2d0cdcc9901b9c08ddcc471180247495470095558d3cebdbc3563e
access-control-allow-headers: Authorization,*
expires: Mon, 02 Sep 2024 13:23:39 GMT

GET
H2 200 283011949 Show response
www.clarity.ms/tag/uet/ 866 B
1 KB 285ms
78ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/283011949
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/283011949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a4ba395397e91a711a8c8de0272b2f8953a2f787ff8320de9708cc76aa86a6d8

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date: Mon, 02 Sep 2024 13:23:40 GMT
x-azure-ref: 20240902T132340Z-1799c87bc7b64swrbugy3y2qhs00000007zg000000005yqz
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 866
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
232 B 131ms
131ms Image
text/plain 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=283011949&tm=gtm002&Ver=2&mid=935f3176-fe4a-4cb4-b9d3-f47347f84ed9&sid=91515200692e11efbbf68da32efdecb1&vid=91518980692e11efb33b9fd3dcd94ea0&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Home%20%7C%20MCO%20Rewards&p=https%3A%2F%2Fmcorewards.com%2F&r=&lt=837&evt=pageLoad&sv=1&cdb=AQAQ&rn=141211

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:23:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64D95A1DAF5148DABFCE27AB4B3FF228 Ref B: YTO01EDGE0821 Ref C: 2024-09-02T13:23:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
360 B 51ms
51ms Image
text/plain 150.171.28.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=283011949&tm=gtm002&Ver=2&mid=935f3176-fe4a-4cb4-b9d3-f47347f84ed9&sid=91515200692e11efbbf68da32efdecb1&vid=91518980692e11efb33b9fd3dcd94ea0&vids=0&msclkid=N&gtm_tag_source=awct&tpp=1&ea=11229901576%2FcUzgCPr9nLgYEIjm6uop&en=Y&p=https%3A%2F%2Fmcorewards.com%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQAQ&rn=468550

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:23:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D99A4C66C674CFF9E9C92F8117261A2 Ref B: YTO01EDGE0821 Ref C: 2024-09-02T13:23:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5000-f15ab19401fbbab2.js Show response
mcorewards.com/_next/static/chunks/ 54 KB
0 1ms
1ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcorewards.com/_next/static/chunks/5000-f15ab19401fbbab2.js
Requested by: Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: 219c6ec7c49305945816dd8a8a3d931fe48a9aca6639b1e73eac070fae9e5ce5

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
server: Vercel
x-vercel-id: iad1::q5swv-1725283419794-2815d4a104ed
age: 5521380
x-matched-path: /_next/static/chunks/5000-f15ab19401fbbab2.js
etag: W/"80a7b3f7051797a66a05713a81754e97"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5000-f15ab19401fbbab2.js"

GET
H2 200 5428-0da23ea7a41d767a.js Show response
mcorewards.com/_next/static/chunks/ 22 KB
0 2ms
2ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcorewards.com/_next/static/chunks/5428-0da23ea7a41d767a.js
Requested by: Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: 10a331a2eca76c76d72fcfb6c2914cf0f226eb5f63f27175acf07fe66dbafca2

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
server: Vercel
x-vercel-id: iad1::27pnl-1725283419790-e2407334fc76
age: 5521380
x-matched-path: /_next/static/chunks/5428-0da23ea7a41d767a.js
etag: W/"85b5da9dd046c2a4b3b57ebeb02a600d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5428-0da23ea7a41d767a.js"

GET
H2 200 8088-8bae949f9c12e20b.js Show response
mcorewards.com/_next/static/chunks/ 58 KB
0 2ms
2ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcorewards.com/_next/static/chunks/8088-8bae949f9c12e20b.js
Requested by: Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: 2df156303b85f1444e4f7509f44f572aaf959ff9d1ec92e64dffee455662e42f

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
server: Vercel
x-vercel-id: iad1::lqzwl-1725283419790-cfbe8b809979
age: 5521380
x-matched-path: /_next/static/chunks/8088-8bae949f9c12e20b.js
etag: W/"7772d2577751aa2e36ec6ee59f2835d5"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8088-8bae949f9c12e20b.js"

GET
H2 200 earn-9fa3fa8e44541d68.js Show response
mcorewards.com/_next/static/chunks/pages/ 26 KB
0 2ms
2ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcorewards.com/_next/static/chunks/pages/earn-9fa3fa8e44541d68.js
Requested by: Host: mcorewards.com
URL: https://mcorewards.com/_next/static/chunks/main-5f62ca318ada3ed4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: 4487f2b21938a92abaad9f00cbc12cf1f2c209e1737cbe6ebde39e91a5259d47

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:39 GMT
content-encoding: br
server: Vercel
x-vercel-id: iad1::vkvx6-1725283419790-b505d7f563bc
age: 825265
x-matched-path: /_next/static/chunks/pages/earn-9fa3fa8e44541d68.js
etag: W/"0218b28b35de7f1ac9aeb448fbc8e244"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="earn-9fa3fa8e44541d68.js"

GET
H3 200 2819223058232378 Show response
connect.facebook.net/signals/config/ 26 KB
3 KB 185ms
180ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2819223058232378?v=2.9.166&r=stable&domain=mcorewards.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

f2e1112a321ff3cfc71b6dae39bd48344a3363068112dc0affeea19b965851bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 13:23:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=87, mss=1232, tbw=85850, tp=84, tpl=0, uplat=146, ullat=0
pragma: public
x-fb-debug: hjnsJDxEhSo3xNDvlJ9ddW6nzPiI/vyL0GeHexUFMBfJ13OuywnR148CC8Bvz63/ppnzq6pE7SknMje1AGW+lQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 73ms
66ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3383637721951290&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283420030&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=12, mss=1316, tbw=6453, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 13:23:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
851 B 148ms
142ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3383637721951290&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283420030&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 13:23:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 53
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410035865388872812", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1316, tbw=7532, tp=-1, tpl=-1, uplat=77, ullat=0
pragma: no-cache
x-fb-debug: GzcTi6V1RZyJa0uInR9EtdQjd/UM1OTIo+nAbyZqEeZ4ewMFuzVeBxEXDax067Vixs2duavnPQ6mozplZI76HQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410035865388872812"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 78ms
72ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1043085696836673&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283420050&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=12, mss=1316, tbw=6453, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 13:23:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
856 B 137ms
133ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1043085696836673&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283420050&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 13:23:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410035865828893487", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1316, tbw=6654, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: no-cache
x-fb-debug: ix1xTvqF/w0wdENsJU9+wNOhUqTdITGxekjxMV+p5zkWq67xv1bGznMXW4lrcXrGYYv68I5dkr9SRNMG/3I/Dg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410035865828893487"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 81ms
80ms Script
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/283011949
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 13:23:40 GMT
content-encoding: br
last-modified: Fri, 30 Aug 2024 23:52:41 GMT
etag: W/"0x8DCC94ED5C26BE6"
vary: Accept-Encoding
x-azure-ref: 20240902T132340Z-1799c87bc7b64swrbugy3y2qhs00000007zg000000005yr0
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 585df437-c01e-0082-7457-fb6f65000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7AF35F6ED6774C21AECEB0F5FA717FB7&RedC=c.clarity.ms&MXFR=1C49692ECFEA6D7A0EDF7DC0CBEA6322
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7AF35F6ED6774C21AECEB0F5FA717FB7&MUID=0DE2DD9DC70369453C9FC973C62968F8

42 B
443 B

39ms
38ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7AF35F6ED6774C21AECEB0F5FA717FB7&MUID=0DE2DD9DC70369453C9FC973C62968F8
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 13:23:40 GMT
last-modified: Wed, 14 Aug 2024 17:35:32 GMT
server: Microsoft-IIS/10.0
etag: "bb391b5d70eeda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 02 Sep 2024 13:23:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 06DC7B0E972345F3B97A8E9D22873911 Ref B: YTO01EDGE0712 Ref C: 2024-09-02T13:23:40Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7AF35F6ED6774C21AECEB0F5FA717FB7&MUID=0DE2DD9DC70369453C9FC973C62968F8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 35ms
34ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2819223058232378&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283420245&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4399, tp=10, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 13:23:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 166ms
166ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2819223058232378&ev=PageView&dl=https%3A%2F%2Fmcorewards.com%2F&rl=&if=false&ts=1725283420245&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725283419763.128085957178396970&cs_est=true&ler=empty&cdl=API_unavailable&it=1725283419378&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 13:23:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 56
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410035866243613751", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4767, tp=13, tpl=0, uplat=124, ullat=0
pragma: no-cache
x-fb-debug: 4LCJBqM2UwjZqZiJlDKPZptWyCuK4LlX8EZ9T6fvUiv2XW/QNF4I+CfKu0vvQ6LchHSEaj40aQkr900u9sWc+w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410035866243613751"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
278 B 222ms
117ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://mcorewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://mcorewards.com
Date: Mon, 02 Sep 2024 13:23:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=9785471;type=denpe0;cat=denpe001;ord=9670239769924;npa=0;auiddc=931993302.1725283419;ps=1;pcor=752522230;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0v9188115310z89127146742za201zb9127146742;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmcorewards.com%2F?

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso.thanksagain.com/realms/mco/protocol/openid-connect/3p-cookies	1970-01-20 23:14:43	Name: KEYCLOAK_3P_COOKIE_SAMESITE Value: supported
.mcorewards.com/	1970-01-21 01:24:19	Name: _gcl_au Value: 1.1.931993302.1725283419
.tiktok.com/	1970-01-21 08:36:19	Name: _ttp Value: 2lW6KJwA9kYGpjeqIXTc028TxZH
.mcorewards.com/	1970-01-21 08:50:43	Name: _ga_DKP1ZLE998 Value: GS1.1.1725283419.1.0.1725283419.0.0.0
.mcorewards.com/	1970-01-21 08:50:43	Name: _ga Value: GA1.1.654289316.1725283420
.mcorewards.com/	1970-01-21 01:24:19	Name: _fbp Value: fb.1.1725283419763.128085957178396970
.mcorewards.com/	1970-01-21 08:36:19	Name: _tt_enable_cookie Value: 1
.mcorewards.com/	1970-01-21 08:36:19	Name: _ttp Value: 17esSVawvJvmO-HnJgDME2HaMo6
.mcorewards.com/	1970-01-20 23:16:09	Name: _uetsid Value: 91515200692e11efbbf68da32efdecb1
.mcorewards.com/	1970-01-21 08:36:19	Name: _uetvid Value: 91518980692e11efb33b9fd3dcd94ea0
.bat.bing.com/	1970-01-20 23:24:48	Name: MR Value: 0
.doubleclick.net/	1970-01-21 08:50:43	Name: IDE Value: AHWqTUngPzmGuqe95GnqTuxP1lD2UshHian-2NMORP1MqlUb9ZvVkXDBM7OgxC892nE
.doubleclick.net/	1970-01-21 03:33:55	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 08:36:19	Name: MUID Value: 0DE2DD9DC70369453C9FC973C62968F8
www.clarity.ms/	1970-01-21 08:00:19	Name: CLID Value: d201186d3119497e876e8bcbcb00701e.20240902.20250902
.yahoo.com/	1970-01-21 08:00:41	Name: A3 Value: d=AQABBFy81WYCEGTstDn2Wt95U5t5lzmKrkYFEgEBAQEN12bfZiXaxyMA_eMAAA&S=AQAAAhgbGUFYbL7nNHQzLiFzGMg
.mcorewards.com/	1970-01-21 08:00:19	Name: _clck Value: l2px49%7C2%7Cfou%7C0%7C1706
.c.bing.com/	1970-01-20 23:24:48	Name: MR Value: 0
.c.bing.com/	1970-01-21 08:36:19	Name: SRM_B Value: 0DE2DD9DC70369453C9FC973C62968F8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 08:36:19	Name: MUID Value: 0DE2DD9DC70369453C9FC973C62968F8
.c.clarity.ms/	1970-01-20 23:24:48	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 23:14:44	Name: ANONCHK Value: 0
.mcorewards.com/	1970-01-20 23:16:09	Name: _clsk Value: s18wcq%7C1725283420707%7C1%7C1%7Co.clarity.ms%2Fcollect
.adsrvr.org/	1970-01-21 08:00:19	Name: TDID Value: 451b68cb-5d9f-4f92-a466-883703805036
.adnxs.com/	1970-01-21 08:50:43	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 08:00:19	Name: audit_p Value: 1\|rZANOo0g9CrveHc0aP59aiy6mwmu120qNl/ruZHBSDnH5NJDjBcymXIHR+xL6HwmURTrGSWSVMEwHTRO1/p4iHX0qfg68IpFQAPcN3ARK845KecGn6XgltqcZWOaZvtFC6WEKp05NKgR7zG3r44Tz7OBVeuFjvOzSnLciPE4ib7REvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 08:00:19	Name: khaos Value: M0L17BR2-1W-BL9P
.rubiconproject.com/	1970-01-21 08:00:19	Name: khaos_p Value: M0L17BR2-1W-BL9P
.rubiconproject.com/	1970-01-21 08:00:19	Name: audit Value: 1\|rZANOo0g9CrveHc0aP59aiy6mwmu120qNl/ruZHBSDnH5NJDjBcymXIHR+xL6HwmURTrGSWSVMEwHTRO1/p4iHX0qfg68IpFQAPcN3ARK845KecGn6XgltqcZWOaZvtFC6WEKp05NKgR7zG3r44Tz7OBVeuFjvOzSnLciPE4ib7REvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.adsrvr.org/	1970-01-21 08:00:19	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwj6s6Pnj9elPRAFEhYKB3J1Ymljb24SCwjq16Pnj9elPRAFEhUKBmdvb2dsZRILCNLm8umP16U9EAUYBSACKAMyCwjEj6aUptelPRAFQg8iDQgBEgkKBXRpZXIzEAFaB2cwcG1vMzJgAQ..

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9785471.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
mcorewards.com
o.clarity.ms
sso.thanksagain.com
td.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
ad.doubleclick.net
13.107.21.237
13.107.246.40
142.250.72.98
142.250.80.36
142.250.80.38
142.250.81.238
142.251.40.130
142.251.40.131
142.251.40.136
142.251.40.194
150.171.28.10
157.240.241.1
161.35.249.139
20.110.205.119
23.206.172.47
31.13.71.36
52.152.143.207
76.76.21.21
00147d1d0d8de849ef99e6ac7780e74b0d8e9fdbec2d272a50cccc714e5196b1
05c9aba3536fa736f0799ac58ef75c8251348faa5c0af9a1129da9284c047b8b
06c9367db3c6c80cc3011eaf8effc230c922ccbbc5985a551824c577600d521d
10a331a2eca76c76d72fcfb6c2914cf0f226eb5f63f27175acf07fe66dbafca2
157ee6ffea4226196d64b56ef4cc64e4f696ac34a9b5f3cd656514ceebb16713
17a5fe1b555cd2d880acff3bfee37b6291a350e20fb03f608c35e0701ed62318
18b6b23e3cc1f419148d976a0e26af5df99bf195b0263fea327bb3a662735fcd
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
219c6ec7c49305945816dd8a8a3d931fe48a9aca6639b1e73eac070fae9e5ce5
2257bd7d9a7f8c184bce092d967a7886930098e7d73f57090ddf469dd42852c1
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
27c4f14a97bcfc14a879dd3bb5b35d49de881cb3a1b179627eac02348e904ec9
289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2
2df156303b85f1444e4f7509f44f572aaf959ff9d1ec92e64dffee455662e42f
37105f1774a89ac28114173b0cdf9196def2d6619c77f809b6a55d414c14d438
38fa7f602ac94915ae4236cfc44d582b76e12559d3d741e70bfe7769be03c229
39a0be6269a3b75d80eee6bb7e63e6797d6808514417287d9c2dca9780b48b67
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
4487f2b21938a92abaad9f00cbc12cf1f2c209e1737cbe6ebde39e91a5259d47
45496957f7606bd7243d4e19a5c43cdb4714331d6c17839e728b40a57052b1a9
4552450eafca9e5afaab32cb2c996d2e2a6e3a5de7c0cd5557d0be5b1cc07837
45d5b0ffa76a554988b91a734cca51a2a7d5a454df5e7756866d626632976832
48b6bbd3fe2ec88ab3bc5c965f5b8b6064486d35575112ec7412b6d3e2e54c41
4b01d2ecfbe2c91e2929edb550118aac1d40838467e256bec3c21006a41d3e0d
52c33e15c3d7e4924c94171c8917a0239551234f0d3b602d5f4c55a244d839ea
52ff9dc357d5d48b58f382997ff4f37e30ddf789db91e101e010302b04b9bc58
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59ab11a80b8975391924d752fb8b3256cd88885cffcdb2af4f56652469013629
6bffe6a484635172064ba14b9191a004d05d53a2704ed19173c2949221a213e1
6d154188db381aba8ce971b88d131c23e862117dbb8151c1826ab7ce421921af
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7cf256219059010bc1c734a4d59eff43e74c0ed51f1e894d40f6075a5be5a23f
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
8c57428681de56dcd18f570e61bd390565c27b070bf309debc22cb0c63410cd4
92dd24679d20e1e29834bd5e2625cd56c164a8e9e39268d229849b984b482094
97cb5582858b04ad514c84f116de94e931849838034ef1f324beda5f60514c06
9822dbe8b9dd9f79bea569554238808971d2ae0f89cf16f8941e09baddd72013
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a4ba395397e91a711a8c8de0272b2f8953a2f787ff8320de9708cc76aa86a6d8
a9009bb8120ac30eed7847612ce3703d05a0a854ee7921563cb493c7f7fb7c5c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abccc9c25bd44dfb1d23ba908a02a265a6ab7e7a26275afd095b4bb8469c31bf
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
adcdf8b75c895e438bc29ce95a6045b7816586a4e6026f2fadef71014cd75947
b4b5b542be45106c78a0f2fe9c07599aa86059479f09405139959ee476098b39
b55e024e02fa3511d0cb9269d22544f4d70dac2331a2619df17bb9b62d424dbd
c68c2bb11cbcef4ddd435ef7c47709d1be853385bdd6a31ab432b81feb77441d
c6dc84558866ddd0633ccdb49b02824af846e09c2b92ca7c39f7c4ef576d863f
c7fb18d780098b3be80a9545c0b81c447405fae5902b754726778e6c91a668e8
d0abe7a6fda5751ded493e59a10416ffe77dcae3c2b95985bba6c537edf4632f
d226328e3fca899e73c5cd06042b15374c517575f51834f17cada1eb9fc9719c
e0a196f4bcdf7ea753b07040843d80308b6ef0db2f4c936b211fc6658df715eb
e1b6973fc4bc3be97747a392a351fc6ccde7b1615d86b0a454e151e227ae4b33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e1112a321ff3cfc71b6dae39bd48344a3363068112dc0affeea19b965851bc
f858b401b10657337ba0b836c918ac5e46e57f85c6e215e116a06a4d486e21f9
f8e9e1119ac315446ec96145a8decdcb40d26265f872705e4d364a8f2cb1dff9

mcorewards.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

0 %IPv6

14 Domains

20 Subdomains

16 IPs

1 Countries

1483 kBTransfer

4103 kBSize

31 Cookies

5 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mcorewards.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

16
IPs

1
Countries

1483 kB
Transfer

4103 kB
Size

31
Cookies

80 HTTP transactions
3 data transactions