beyondultamaterewards.com Open in urlscan Pro
18.233.246.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beyondultamaterewards.com/
Effective URL:
https://beyondultamaterewards.com/
Submission: On March 05 via api (March 5th 2023, 6:36:08 pm UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 18.233.246.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is beyondultamaterewards.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 23rd 2023. Valid for: 4 months.

This is the only time beyondultamaterewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	18.233.246.79 18.233.246.79	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	184.24.161.25 184.24.161.25	16625 (AKAMAI-AS) (AKAMAI-AS)
26	5

14 18.233.246.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-246-79.compute-1.amazonaws.com

beyondultamaterewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.24.161.25 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-161-25.deploy.static.akamaitechnologies.com

static.rclon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	beyondultamaterewards.com 1 redirects beyondultamaterewards.com	2 MB
5	rclon.com static.rclon.com — Cisco Umbrella Rank: 595181	42 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 354	176 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2425	306 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	116 KB
26	5

	Domain	Requested by
14	beyondultamaterewards.com	1 redirects beyondultamaterewards.com
5	static.rclon.com
4	maps.googleapis.com	beyondultamaterewards.com maps.googleapis.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	beyondultamaterewards.com www.googletagmanager.com
26	5

This site contains links to these domains. Also see Links.

Domain
www.ulta.com

Subject Issuer	Validity	Valid
beyondultamaterewards.com Amazon RSA 2048 M02	`2023-02-23` - `2023-06-25`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.ebatescanada.com GeoTrust RSA CA 2018	`2023-02-28` - `2023-07-25`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://beyondultamaterewards.com/
Frame ID: 2149A9D454F716FA32AB784A3CB2B85E
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beyond Ultamate Rewards

Page URL History Show full URLs

http://beyondultamaterewards.com/ HTTP 301
https://beyondultamaterewards.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2519 kB
Transfer

3128 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ulta.com/creditcards/landingpage.jsp
Title: View details

Search URL Search Domain Scan URL

URL: https://www.ulta.com/company/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beyondultamaterewards.com/ HTTP 301
https://beyondultamaterewards.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
beyondultamaterewards.com/
Redirect Chain

http://beyondultamaterewards.com/
https://beyondultamaterewards.com/

2 KB
4 KB

486ms
174ms

Document
text/html

18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8fcad38a024ad5f84a5bd09cfb606cba115293058218f87634ad5c0c5e42fa81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 18:36:01 GMT
Keep-Alive: timeout=15
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 05 Mar 2023 18:36:01 GMT
Keep-Alive: timeout=15
Location: https://beyondultamaterewards.com/
Server: nginx
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vendor.css
beyondultamaterewards.com/css/ 76 KB
76 KB 103ms
102ms Stylesheet
text/css 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/css/vendor.css?id=c808cc5b967d6656f382962626e089af

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

39a9f87df89cea10bad475f40cdebb00735d07688daa7a03e27b34ae58c4227d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 77423
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-12e6f"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK app.css
beyondultamaterewards.com/css/ 315 KB
315 KB 408ms
102ms Stylesheet
text/css 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/css/app.css?id=4016ce9bcd0a6caf635552280dec2ff7

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4f62921f8558a7c1611139848ce5d71133055f9d2dd6c1271460df1f37110277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 322111
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-4ea3f"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK app.js Show response
beyondultamaterewards.com/js/ 1 MB
1 MB 102ms
102ms Script
application/javascript 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/js/app.js?id=03ed6ef3a808bfcebb8ecf5954856291

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8bdf1d0d6f04f342fa9c30b0fc433a8ad206ef3b1ee24d8ae479173149a0b789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1407945
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-157bc9"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vendor.js Show response
beyondultamaterewards.com/js/ 122 KB
122 KB 103ms
103ms Script
application/javascript 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/js/vendor.js?id=c495f0135238750a21e875eff79b438e

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c7e5ce4830dfda78bff34f298bb9b29b023204d49c5d29c3bb1cabbe929f0244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 124418
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-1e602"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 163 KB
54 KB 130ms
67ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCwJ_WJ6qiVZqY9g2SLoG9OT4xMIGXMoa8

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b6f6d12f1defbf5995fe6b6366911c5f4bc502b8bf2f255d6d8bfd260a7c4b2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:02 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: l2gfet4t7; dur=20, gfet4t7; dur=47
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54799
x-xss-protection: 0
expires: Sun, 05 Mar 2023 19:06:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 111ms
48ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5DNSCF

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22ae3d902b0ec025f79bc6ddab4b14623996cd4a98ca884ebf95a3801bf4cf33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40049
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Mar 2023 18:36:02 GMT

GET
H/1.1 200
OK Helvetica.woff2
beyondultamaterewards.com/fonts/ 102 KB
103 KB 101ms
101ms Font
font/woff2 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/fonts/Helvetica.woff2

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/css/app.css?id=4016ce9bcd0a6caf635552280dec2ff7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3482bef4a6d8e161edff43f8db2def925fc2414fbc63d7d36558fb3e993e42b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beyondultamaterewards.com/css/app.css?id=4016ce9bcd0a6caf635552280dec2ff7
Origin: https://beyondultamaterewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 104520
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-19848"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 61ms
60ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VSQMT8X25K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5DNSCF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf6716f059e279cf042cfc6a51e8d1298f0a4e946532098e26e883536af36856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 18:36:02 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 88ms
45ms XHR
application/json 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwJ_WJ6qiVZqY9g2SLoG9OT4xMIGXMoa8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://beyondultamaterewards.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 274ms
250ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VSQMT8X25K&gtm=45je3310&_p=780572543&cid=310762579.1678041363&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678041362&sct=1&seg=0&dl=https%3A%2F%2Fbeyondultamaterewards.com%2F&dt=Beyond%20Ultamate%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSQMT8X25K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 18:36:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beyondultamaterewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 401
Unauthorized get-user Show response
beyondultamaterewards.com/ 30 B
1 KB 171ms
170ms XHR
application/json 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/get-user

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/js/app.js?id=03ed6ef3a808bfcebb8ecf5954856291

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8031180d4d982a471ca97ef5a04e8d013d003c5c19e80d0a5f45401c4463ec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://beyondultamaterewards.com/
X-XSRF-TOKEN: eyJpdiI6InFLVldHQ2ZEWmw2bzdJcCtORDUzYUE9PSIsInZhbHVlIjoiY0t6MEEwQmlnMjl1S1ZyZ1haUmFBZXVMRE13elJYOXgrd2pXeS8rSlAvSkx6UUdQZlhjd3ZGWmpybDc0T05Vajd2SGwyeFRWV3FMSUwrZWtldFNDZlVSOGJzQURiSFk2a0VOT0F3ampzcjJVY1NNYy9HSi9wK0NEcStqazZhY3YiLCJtYWMiOiJmNThhZTJiNTY2MmY5YzNlNGNhOTlmYmJhZGM1ZWQyMjM0OGU1YTYxMjU5NTJmYjRhM2JiZTA3YWU0YmQyZDk1IiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: application/json
Cache-Control: no-cache, private
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK getPreLoginFeaturedOffers Show response
beyondultamaterewards.com/ 9 KB
10 KB 181ms
178ms XHR
application/json 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/getPreLoginFeaturedOffers

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/js/app.js?id=03ed6ef3a808bfcebb8ecf5954856291

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8a9f708c1f6e05a7e304ea4c3f43843d39606285764c15954d2fbdb168089d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://beyondultamaterewards.com/
X-XSRF-TOKEN: eyJpdiI6IkFlMlVYY0YxeG9ib0JiQXFFeUhibHc9PSIsInZhbHVlIjoiNWhPNy8vVzNGQ2NhWlo4VnFOWk8zMHlxNy9BVUI1NmpqdjRCT0JLbk1wZEhPaDVsSU9tK2pxTXdrOVZxRjdZWThBUGZVNi9IMHo1NlJRRHVEcUdWWTN4bUo4ZkJlZ09OWjhmdWthUndYNVg5cGVIY3dkM0g3MDJPd3dFdEhmU28iLCJtYWMiOiJmODQwYjllNTBlODliMDYzNjg3MGY1N2VkODdiODk0MTRhN2JiZGUyZDdhM2NlOWU5ZjIyMjYwMzYyYjE1MjQ3IiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: application/json
Cache-Control: no-cache, private
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.svg
beyondultamaterewards.com/images/ 5 KB
6 KB 101ms
97ms Image
image/svg+xml 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beyondultamaterewards.com/images/logo.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

562e476afcf66a4b20dd3a9f761cdab1242dc6063edbcfde28f3c0ce7ece096e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 5312
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-14c0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK txt-the-possibilities.png
beyondultamaterewards.com/images/ 3 KB
4 KB 105ms
102ms Image
image/png 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beyondultamaterewards.com/images/txt-the-possibilities.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3a76f13b38883e0c1e5c44bf01c54f98c720498de1f1738e31deddd9bd0674c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 3516
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-dbc"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ultamate-rewards-credit-card_compact-feature-card.png
beyondultamaterewards.com/images/ 55 KB
56 KB 207ms
102ms Image
image/png 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beyondultamaterewards.com/images/ultamate-rewards-credit-card_compact-feature-card.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

14fc85a9a81bc56bb69a3c1a1d16f7f33ba23c4120bc750b3f91f4166811aa95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 56521
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-dcc9"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Helvetica-Bold.woff2
beyondultamaterewards.com/fonts/ 106 KB
107 KB 199ms
100ms Font
font/woff2 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beyondultamaterewards.com/fonts/Helvetica-Bold.woff2

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/css/app.css?id=4016ce9bcd0a6caf635552280dec2ff7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6d64e6c05d936b2d3768dc47be745a01a44bdf92102eab0226c27960ba2b7daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beyondultamaterewards.com/css/app.css?id=4016ce9bcd0a6caf635552280dec2ff7
Origin: https://beyondultamaterewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 108740
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-1a8c4"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MERCHANT_CREATIVE_ASSET_594079363634438612.png
static.rclon.com/ 8 KB
9 KB 402ms
43ms Image
image/png 184.24.161.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rclon.com/MERCHANT_CREATIVE_ASSET_594079363634438612.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b01cba72e75c4545e30c61c164a0315124d5250cac224b2f1b39ea2462da8494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:03 GMT
last-modified: Mon, 17 May 2021 15:06:43 GMT
server: nginx
etag: "7742064822f342fa13d1b6bd99a86c42"
content-type: image/png
cache-control: max-age=182972
accept-ranges: bytes
content-length: 8570
expires: Tue, 07 Mar 2023 21:25:35 GMT

GET
H/1.1 200
OK arrow-blue.png
beyondultamaterewards.com/images/ 5 KB
5 KB 102ms
102ms Image
image/png 18.233.246.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beyondultamaterewards.com/images/arrow-blue.png

Requested by

Host: beyondultamaterewards.com
URL: https://beyondultamaterewards.com/css/app.css?id=4016ce9bcd0a6caf635552280dec2ff7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.246.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-246-79.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8da75f2db9a86f8e103dfa05af14b5490f03429cb355443af3520d023f2c8726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/css/app.css?id=4016ce9bcd0a6caf635552280dec2ff7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 18:36:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 4749
Last-Modified: Thu, 23 Feb 2023 17:48:29 GMT
Server: nginx
ETag: "63f7a6ed-128d"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://beyondultamaterewards.com
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MERCHANT_CREATIVE_ASSET_323093323147040874.png
static.rclon.com/ 4 KB
5 KB 365ms
7ms Image
image/png 184.24.161.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rclon.com/MERCHANT_CREATIVE_ASSET_323093323147040874.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 61e095e60e4c8eb399a1d461a242590da2d13f16bd39ecf3ec6e4b945f67f8b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:03 GMT
last-modified: Mon, 17 May 2021 15:06:40 GMT
server: nginx
etag: "e74d0adf77cb3bce8417f66970fb7a9e"
content-type: image/png
cache-control: max-age=92749
accept-ranges: bytes
content-length: 4505
expires: Mon, 06 Mar 2023 20:21:52 GMT

GET
H2 200 MERCHANT_CREATIVE_ASSET_5804276683363902237.png
static.rclon.com/ 10 KB
10 KB 372ms
14ms Image
image/png 184.24.161.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rclon.com/MERCHANT_CREATIVE_ASSET_5804276683363902237.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6867ea5d53168c05d0c9895f5c16313a5398598c6f1275b445699f2fbb481b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:03 GMT
last-modified: Mon, 17 May 2021 15:06:43 GMT
server: nginx
etag: "b364ed03c3a1951deede6188971d2ca6"
content-type: image/png
cache-control: max-age=80914
accept-ranges: bytes
content-length: 9910
expires: Mon, 06 Mar 2023 17:04:37 GMT

GET
H2 200 MERCHANT_CREATIVE_ASSET_6921374545512573528.png
static.rclon.com/ 9 KB
9 KB 369ms
12ms Image
image/png 184.24.161.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rclon.com/MERCHANT_CREATIVE_ASSET_6921374545512573528.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a3733776aa16f1e22c3b06cc322b07953739ca095ec58097319a8bbbfa3314dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:03 GMT
last-modified: Mon, 14 Nov 2022 16:48:33 GMT
server: nginx
etag: "ae22c88db8c4ec86bc85481957935aaa"
content-type: image/png
cache-control: max-age=261900
accept-ranges: bytes
content-length: 9313
expires: Wed, 08 Mar 2023 19:21:03 GMT

GET
H2 200 MERCHANT_CREATIVE_ASSET_211348781025588509.png
static.rclon.com/ 10 KB
10 KB 364ms
8ms Image
image/png 184.24.161.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rclon.com/MERCHANT_CREATIVE_ASSET_211348781025588509.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e6fa2ede65fd221d00c0519ff5513df558a667b298b7aa59e65f15497bb07a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:36:03 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 19:54:22 GMT
server: nginx
etag: W/"b6481afe0b753f7b3c88c4be41909842"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=476305
content-length: 9835
expires: Sat, 11 Mar 2023 06:54:28 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 270 KB
67 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwJ_WJ6qiVZqY9g2SLoG9OT4xMIGXMoa8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8605c23e565a96c1361218762063ecd7fd58df5dd67d2bfae48a07468ac4dc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68577
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:08:38 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 159 KB
55 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCwJ_WJ6qiVZqY9g2SLoG9OT4xMIGXMoa8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d49d943267bb71f96aaea5498acb9544fdd427649b9a0b77a590314058669a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beyondultamaterewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56038
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:08:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VSQMT8X25K&gtm=45je3310&_p=780572543&cid=310762579.1678041363&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1678041362&sct=1&seg=1&dl=https%3A%2F%2Fbeyondultamaterewards.com%2F&dt=Beyond%20Ultamate%20Rewards&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSQMT8X25K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://beyondultamaterewards.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 18:36:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beyondultamaterewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.beyondultamaterewards.com/	1970-01-20 19:43:21	Name: _ga Value: GA1.1.310762579.1678041363
.beyondultamaterewards.com/	1970-01-20 19:43:21	Name: _ga_VSQMT8X25K Value: GS1.1.1678041362.1.1.1678041362.0.0.0
beyondultamaterewards.com/	1970-01-20 10:07:23	Name: XSRF-TOKEN Value: eyJpdiI6Ino3V1pvWnRPSjNWUWpSOXJpVE4wYnc9PSIsInZhbHVlIjoiV1JBalY3YTVaTE9XNDFGZU90RGcrdGd4aFR4WXNGTHpOcnJDcEtLV2V1bjk5RGNYUVFwaFVqeWtIZlBwT1lqSTNNdHZMSURYNm5WOVZMUWpUNEZFbUtmc21pZUdNeGJDdVpCMnZWcVlGTVZoTFh1Rm1ETWo2ZE1aK1RiNlU4bHMiLCJtYWMiOiIyOWZkMDFiMjJiN2NkY2Q3ZDFiMGNjZmI1MDhlYzY0ZDUyZDg0NjAxZTNlY2ZjMTAwN2JmMTZmZjJlNmVkMWY1IiwidGFnIjoiIn0%3D
beyondultamaterewards.com/	1970-01-20 10:07:23	Name: beyond_ultamate_rewards_session Value: eyJpdiI6ImRET1QyeFpQUE1rUXpxT0FEM2ZtVkE9PSIsInZhbHVlIjoiRW9USTYxd2l3bFRGV0U3c3lMZzAxUWcxM1FjRC9WTlY0ZllpOUg0VVNXTFBoTThSVzlya2x4Q0JyQWJ5dE5DcDlmVDVTSVpZY2tiSzFWU0o3NDdMcUpMTzNMcUhyOTRkSTNFRWZQR0xuZmxocXpMSkszaHA4YVd1cVVobG80Q0UiLCJtYWMiOiJhMWY2ODIxZWU3ODYxYTIwNGVlZmQ2YjYzZDRiMTE4MjE4MTRjNmI2ZDcyYTE5ODkwZjdjZjRjYzQ0NDk5ZGVkIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://beyondultamaterewards.com/get-user Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beyondultamaterewards.com
maps.googleapis.com
region1.google-analytics.com
static.rclon.com
www.googletagmanager.com
18.233.246.79
184.24.161.25
2001:4860:4802:34::36
2a00:1450:400d:80a::200a
2a00:1450:400d:80d::2008
14fc85a9a81bc56bb69a3c1a1d16f7f33ba23c4120bc750b3f91f4166811aa95
22ae3d902b0ec025f79bc6ddab4b14623996cd4a98ca884ebf95a3801bf4cf33
3482bef4a6d8e161edff43f8db2def925fc2414fbc63d7d36558fb3e993e42b5
39a9f87df89cea10bad475f40cdebb00735d07688daa7a03e27b34ae58c4227d
3a76f13b38883e0c1e5c44bf01c54f98c720498de1f1738e31deddd9bd0674c2
3d49d943267bb71f96aaea5498acb9544fdd427649b9a0b77a590314058669a6
4f62921f8558a7c1611139848ce5d71133055f9d2dd6c1271460df1f37110277
562e476afcf66a4b20dd3a9f761cdab1242dc6063edbcfde28f3c0ce7ece096e
61e095e60e4c8eb399a1d461a242590da2d13f16bd39ecf3ec6e4b945f67f8b6
6d64e6c05d936b2d3768dc47be745a01a44bdf92102eab0226c27960ba2b7daf
8031180d4d982a471ca97ef5a04e8d013d003c5c19e80d0a5f45401c4463ec27
8605c23e565a96c1361218762063ecd7fd58df5dd67d2bfae48a07468ac4dc7c
8a9f708c1f6e05a7e304ea4c3f43843d39606285764c15954d2fbdb168089d26
8bdf1d0d6f04f342fa9c30b0fc433a8ad206ef3b1ee24d8ae479173149a0b789
8da75f2db9a86f8e103dfa05af14b5490f03429cb355443af3520d023f2c8726
8fcad38a024ad5f84a5bd09cfb606cba115293058218f87634ad5c0c5e42fa81
a3733776aa16f1e22c3b06cc322b07953739ca095ec58097319a8bbbfa3314dc
a6867ea5d53168c05d0c9895f5c16313a5398598c6f1275b445699f2fbb481b7
b01cba72e75c4545e30c61c164a0315124d5250cac224b2f1b39ea2462da8494
b6f6d12f1defbf5995fe6b6366911c5f4bc502b8bf2f255d6d8bfd260a7c4b2a
bf6716f059e279cf042cfc6a51e8d1298f0a4e946532098e26e883536af36856
c7e5ce4830dfda78bff34f298bb9b29b023204d49c5d29c3bb1cabbe929f0244
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fa2ede65fd221d00c0519ff5513df558a667b298b7aa59e65f15497bb07a2c

beyondultamaterewards.com Open in urlscan Pro 18.233.246.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

2519 kBTransfer

3128 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

4 Cookies

1 Console Messages

beyondultamaterewards.com Open in urlscan Pro
18.233.246.79 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2519 kB
Transfer

3128 kB
Size

4
Cookies

26 HTTP transactions
0 data transactions