www.unionrewardz.com Open in urlscan Pro
182.18.130.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.unionrewardz.com/pec/mer/12ID7ZY10e
Effective URL:
https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Submission: On July 08 via manual (July 8th 2024, 2:51:42 pm UTC) from IN — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 20 HTTP transactions. The main IP is 182.18.130.96, located in Hyderabad, India and belongs to CTRLS-AS-IN CtrlS, IN. The main domain is www.unionrewardz.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on October 4th 2023. Valid for: a year.

This is the only time www.unionrewardz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	182.18.130.96 182.18.130.96	18229 (CTRLS-AS-...) (CTRLS-AS-IN CtrlS)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
20	9

9 182.18.130.96 (Hyderabad, India) 1 redirects

ASN18229 (CTRLS-AS-IN CtrlS, IN)
PTR: static-182-18-130-96.ctrls.in

www.unionrewardz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.45.184.134 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	unionrewardz.com 1 redirects www.unionrewardz.com	319 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1094 a.clarity.ms — Cisco Umbrella Rank: 23333 c.clarity.ms — Cisco Umbrella Rank: 1823	28 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 449	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108 ajax.googleapis.com — Cisco Umbrella Rank: 607	33 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1780	37 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	776 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1449	32 KB
20	7

	Domain	Requested by
9	www.unionrewardz.com	1 redirects www.unionrewardz.com
2	bam.nr-data.net	www.unionrewardz.com
2	c.clarity.ms	1 redirects
2	a.clarity.ms	www.unionrewardz.com
2	www.clarity.ms	www.unionrewardz.com
2	maxcdn.bootstrapcdn.com	www.unionrewardz.com
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	www.unionrewardz.com
1	ajax.googleapis.com	www.unionrewardz.com
1	fonts.googleapis.com	www.unionrewardz.com
20	10

This site contains no links.

Subject Issuer	Validity	Valid
www.unionrewardz.com GeoTrust TLS RSA CA G1	`2023-10-04` - `2024-10-27`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Frame ID: 95F3D79F2D5D9E1DDF3674614EDB83F0
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Point Expiry Campaign

Page URL History Show full URLs

https://www.unionrewardz.com/pec/mer/12ID7ZY10e HTTP 302
https://www.unionrewardz.com/PEC/CampaignRedemption/Verify Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

9
IPs

5
Countries

448 kB
Transfer

848 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.unionrewardz.com/pec/mer/12ID7ZY10e HTTP 302
https://www.unionrewardz.com/PEC/CampaignRedemption/Verify Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFA3DBA5C4B641DE87CD61673B395828&RedC=c.clarity.ms&MXFR=03927F010FA16C4D26C46BB70BA16298 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFA3DBA5C4B641DE87CD61673B395828&MUID=3AAD4A602E7D6D4D3A615ED62FF66C54

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Verify Show response
www.unionrewardz.com/PEC/CampaignRedemption/
Redirect Chain

https://www.unionrewardz.com/pec/mer/12ID7ZY10e
https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

67 KB
32 KB

479ms
466ms

Document
text/html

182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

4d9e77ee15a92bc8ccc117c2a1f2331503c82916071c321ccdceb2fb229225bf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 31190
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Mon, 08 Jul 2024 14:51:35 GMT
Expires: 0
Last-Modified: Mon, 08 Jul 2024 14:51:35 GMT
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Pragma: no-cache
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: *, Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Content-Length: 147
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Mon, 08 Jul 2024 14:51:34 GMT
Expires: 0
Last-Modified: Mon, 08 Jul 2024 14:51:35 GMT
Location: /PEC/CampaignRedemption/Verify
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Pragma: no-cache
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: *, Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
24 KB 226ms
128ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1069
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1190501
cdn-cachedat: 10/31/2023 19:00:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7f89537eaf606bff49f5cc1a7c24dbca"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 68f99bad1de318871fba1ea78118a1a8
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a00e4b189ddc3bb-WAW
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 29 KB
2 KB 175ms
52ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,700;1,300&display=swap

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8c8185a7b9cd8af0797a9997df36de594b0a76b55eef4f5eba93f381214b036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jul 2024 14:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 14:51:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jul 2024 14:51:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 165ms
43ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 14:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 14:13:49 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
13 KB 153ms
63ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2971719
cdn-cachedat: 2021-08-01 19:19:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6923066369371d6997c92d232b1a01f3
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8a00e4b189dbc3bb-WAW
cdn-requestpullsuccess: True

GET
H/1.1 200
OK style.css
www.unionrewardz.com/PEC/Content/union/css/ 11 KB
5 KB 247ms
227ms Stylesheet
text/css 182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionrewardz.com/PEC/Content/union/css/style.css

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

5e0805692ebc07c7943cbd7029d77fd26dcb39db47e88f5144b9ea47c15e27f7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
X-Content-Type-Options: nosniff
Date: Mon, 08 Jul 2024 14:51:35 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 4034
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Tue, 06 Sep 2022 15:00:39 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: "a3b85e6d1c2d81:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3888000, public
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Accept-Ranges: bytes

GET
H/1.1 200
OK logo.png
www.unionrewardz.com/PEC/Content/union/images/ 6 KB
7 KB 610ms
271ms Image
image/png 182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionrewardz.com/PEC/Content/union/images/logo.png

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

d0e47b001e15a2e6acf0fe6881ae026712e7e0517f13295f50da77c2ac51dd66

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
X-Content-Type-Options: nosniff
Date: Mon, 08 Jul 2024 14:51:36 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 5947
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Tue, 06 Sep 2022 09:04:17 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: "78cb1a4cfc1d81:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=3888000, public
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Accept-Ranges: bytes

GET
H/1.1 200
OK otp.svg
www.unionrewardz.com/PEC/Content/union/images/ 66 KB
32 KB 892ms
454ms Image
image/svg+xml 182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionrewardz.com/PEC/Content/union/images/otp.svg

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

411d00b86890cc94f19c6beff6c73bc207087c10325839fe3a65e4538f071815

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
X-Content-Type-Options: nosniff
Date: Mon, 08 Jul 2024 14:51:36 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 31199
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 25 Aug 2022 06:46:11 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: "a91b1e5d4eb8d81:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=3888000, public
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Accept-Ranges: bytes

GET
H/1.1 200
OK pci-loylty.png
www.unionrewardz.com/PEC/Images/ 7 KB
8 KB 338ms
233ms Image
image/png 182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionrewardz.com/PEC/Images/pci-loylty.png

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

c474f4de38471dcb21dedef51ad23795ba1f6e532cc271da317f89f317ccedee

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
X-Content-Type-Options: nosniff
Date: Mon, 08 Jul 2024 14:51:36 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 7252
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Wed, 24 Aug 2022 09:38:07 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: "83973d379db7d81:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=3888000, public
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jqueryval Show response
www.unionrewardz.com/PEC/bundles/ 28 KB
13 KB 602ms
228ms Script
text/javascript 182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionrewardz.com/PEC/bundles/jqueryval?v=x63JhYAtPoWfuvvzOG4ie0IbeC8KtI5Q_Ln6iJWChUE1

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

9012a9c1449111c93f495696eeaae5ba629b3918f3e1bbc1f9e4327ca97d868c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
X-Content-Type-Options: nosniff
Date: Mon, 08 Jul 2024 14:51:36 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Resource-Policy: same-origin
Connection: Keep-Alive
Content-Length: 12055
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 08 Jul 2024 14:51:37 GMT
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=3888000, public
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Expires: Tue, 08 Jul 2025 14:51:37 GMT

GET
H2 200 ddm1g965dt Show response
www.clarity.ms/tag/ 637 B
1002 B 536ms
222ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ddm1g965dt
Requested by: Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3f682d16ec46449557c604671efa36b5288f9102d2cf03b7ffef45cc2720d711

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Mon, 08 Jul 2024 14:51:37 GMT
x-azure-ref: 20240708T145137Z-157445bcd66zfzzgx8kqtmwan800000001qg00000000ke92
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1 200
OK bg.png
www.unionrewardz.com/PEC/Content/union/Images/ 216 KB
218 KB 896ms
506ms Image
image/png 182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionrewardz.com/PEC/Content/union/Images/bg.png

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/Content/union/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

db53279349ae8861f7f007996b302685708eaa9cd6e5eb45994b8b8c2d8a86ce

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unionrewardz.com/PEC/Content/union/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
X-Content-Type-Options: nosniff
Date: Mon, 08 Jul 2024 14:51:36 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: same-origin
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Wed, 24 Aug 2022 09:38:07 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: "da9595379db7d81:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=3888000, public
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Accept-Ranges: bytes

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.34/ 61 KB
26 KB 143ms
132ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.34/clarity.js
Requested by: Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:51:37 GMT
content-encoding: br
last-modified: Thu, 23 May 2024 23:20:12 GMT
etag: W/"0x8DC7B7EE5574D78"
vary: Accept-Encoding
x-azure-ref: 20240708T145137Z-157445bcd66zfzzgx8kqtmwan800000001qg00000000ke97
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 10d6d463-701e-0001-3003-cd7107000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
284 B 414ms
132ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.unionrewardz.com
Date: Mon, 08 Jul 2024 14:51:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 nr-spa-1.261.2.min.js Show response
js-agent.newrelic.com/ 109 KB
32 KB 150ms
40ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.261.2.min.js

Requested by

Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

22c74a835bbc69aa690c781b1243caf4d8b47335fdc5fc1e2294d8d60c6f1545

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer
Origin: https://www.unionrewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: yrKbAgsEQsu_pQ9wI.Fi3_I8OU7Qe_ZH
content-encoding: br
via: 1.1 varnish
date: Mon, 08 Jul 2024 14:51:38 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0VSTEC4Q21R3GXPB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 31753
x-amz-id-2: tQ0dpVTbtG43I48aeP/IWIXG5FtJlWC7yBPrQpw1yyAXmRRzUFt+5cOY07cQ/ud5kN9zj/FrLtXOLmNGUxSAWw==
x-served-by: cache-cph2320036-CPH
last-modified: Tue, 02 Jul 2024 15:00:16 GMT
server: AmazonS3
etag: "ab3747a3f79dbc9080745d5b175c1285"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 186194

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFA3DBA5C4B641DE87CD61673B395828&RedC=c.clarity.ms&MXFR=03927F010FA16C4D26C46BB70BA16298
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFA3DBA5C4B641DE87CD61673B395828&MUID=3AAD4A602E7D6D4D3A615ED62FF66C54

42 B
465 B

388ms
388ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFA3DBA5C4B641DE87CD61673B395828&MUID=3AAD4A602E7D6D4D3A615ED62FF66C54
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 14:51:39 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 08 Jul 2024 14:51:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4AFB5373072E4BD3886F2D3F7003F83D Ref B: FRA31EDGE0509 Ref C: 2024-07-08T14:51:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFA3DBA5C4B641DE87CD61673B395828&MUID=3AAD4A602E7D6D4D3A615ED62FF66C54
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK favicon.ico
www.unionrewardz.com/ 2 KB
3 KB 229ms
229ms Other
image/x-icon 182.18.130.96
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionrewardz.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.18.130.96 Hyderabad, India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-182-18-130-96.ctrls.in

Software

Resource Hash

9c017209a47f3658441e0194ac7519b32178aea5aa7802fd3e99cb8e61af017c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
X-Content-Type-Options: nosniff
Date: Mon, 08 Jul 2024 14:51:37 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Resource-Policy: same-origin
Content-Length: 1737
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 15 May 2023 05:42:54 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: "0c32c18f086d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon
Cache-Control: max-age=3888000, public
Permissions-Policy: camera=(),gyroscope=(), magnetometer=()
Accept-Ranges: bytes

POST
H/1.1 200
OK NRJS-e071b7f3ef4d1ef1459 Show response
bam.nr-data.net/1/ 150 B
713 B 499ms
394ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-e071b7f3ef4d1ef1459?a=575700103&v=1.261.2&to=YAFVMRQAWUJQUBJaWFlLejMlTnRQXEMHWlBZNlIBAwxHRVhcCHBYWRBFCgoNUkMeZQNBXlEd&rst=4302&ck=0&s=e700c12b2a07f11a&ref=https://www.unionrewardz.com/PEC/CampaignRedemption/Verify&ptid=12e7b4d2a6d55e40&af=err,spa,xhr,stn,ins&ap=14&be=1703&fe=2413&dc=1230&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1720450294498,%22n%22:0,%22r%22:0,%22re%22:1151,%22f%22:1151,%22dn%22:1151,%22dne%22:1151,%22c%22:1151,%22s%22:1151,%22ce%22:1151,%22rq%22:1253,%22rp%22:1704,%22rpe%22:1925,%22di%22:2933,%22ds%22:2933,%22de%22:2933,%22dc%22:4112,%22l%22:4112,%22le%22:4116%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=2345&fcp=2383
Requested by: Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77adba9802343ac5ea7f5c716f32cc65d8ab95d681cbcfd09f8d17f50eea299

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 08 Jul 2024 14:51:39 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.unionrewardz.com
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8a00e4c05c814528-TXL
timing-allow-origin: https://www.unionrewardz.com

POST
H/1.1 200
OK NRJS-e071b7f3ef4d1ef1459 Show response
bam.nr-data.net/events/1/ 24 B
408 B 352ms
350ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-e071b7f3ef4d1ef1459?a=575700103&v=1.261.2&to=YAFVMRQAWUJQUBJaWFlLejMlTnRQXEMHWlBZNlIBAwxHRVhcCHBYWRBFCgoNUkMeZQNBXlEd&rst=4824&ck=0&s=e700c12b2a07f11a&ref=https://www.unionrewardz.com/PEC/CampaignRedemption/Verify&ptid=12e7b4d2a6d55e40
Requested by: Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 08 Jul 2024 14:51:39 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.unionrewardz.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8a00e4c2ea664528-TXL
Content-Length: 24

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
284 B 127ms
126ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.unionrewardz.com
URL: https://www.unionrewardz.com/PEC/CampaignRedemption/Verify
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.unionrewardz.com
Date: Mon, 08 Jul 2024 14:51:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.unionrewardz.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4ytzp4n5zzopbayr5ozajlls
www.unionrewardz.com/	1969-12-31 23:59:59	Name: BIGipServerBanks_Urls_Pool Value: !6Ge/cV22lujCd4usIgvVdOfUdVRwP+1VR3z6oX1fY5iDIpnoDUla322jOp3ZRLONz/COj7uTIbimfio=
www.unionrewardz.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L1BFQw2 Value: qw6QHYEEhpfIEiFfC0iW8HAzMje2iRzWE4HTWtq33vTz_5V0YTBGhKPymTn903MeeMf4owiqqd7LG0VBi0JTPJR5JDL9jhHBoSLW5XK9kO81
www.unionrewardz.com/	1969-12-31 23:59:59	Name: TS01137ebb Value: 010ac248eb3344598add785a8b3b4527be58adf7771c2e593f3a94abb215769a036ec09e2ab0e7f84a6769f63bdb607baa5be19e15d9f5d1a44c4efc0c556f81e96a1ee96a0a6dcf174f5327b0b59abddb31d6bedca7964d40b20a102733151dc9c1b856a4
www.clarity.ms/	1970-01-21 06:39:46	Name: CLID Value: 652f312304fc49ed984ee76b05ee9a99.20240708.20250708
.unionrewardz.com/	1970-01-21 06:39:46	Name: _clck Value: 14athcc%7C2%7Cfna%7C0%7C1650
.unionrewardz.com/	1970-01-20 21:55:36	Name: _clsk Value: 1t8xw65%7C1720450298073%7C1%7C1%7Ca.clarity.ms%2Fcollect
www.unionrewardz.com/	1969-12-31 23:59:59	Name: TS3d26f121027 Value: 082d0ea656ab20003e6f9f3618479ad2a651613ab7211d427bde9a2bbc41bf6c406837b082c15224087d0690741130008c7ff02e6dba1e312fb10875f87786fba580bbd06ebd7f2efbcb127de42390abd37f1444b108776a1ae3f8316f7dd01f
.bing.com/	1970-01-21 07:15:46	Name: MUID Value: 3AAD4A602E7D6D4D3A615ED62FF66C54
.c.bing.com/	1970-01-20 22:04:15	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:15:46	Name: SRM_B Value: 3AAD4A602E7D6D4D3A615ED62FF66C54
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:15:46	Name: MUID Value: 3AAD4A602E7D6D4D3A615ED62FF66C54
.c.clarity.ms/	1970-01-20 22:04:15	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:54:10	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data:;script-src https: 'unsafe-inline' 'unsafe-eval' 'self';style-src https: 'unsafe-inline' 'self';frame-ancestors 'none';object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
ajax.googleapis.com
bam.nr-data.net
c.bing.com
c.clarity.ms
fonts.googleapis.com
js-agent.newrelic.com
maxcdn.bootstrapcdn.com
www.clarity.ms
www.unionrewardz.com
104.18.11.207
104.45.184.134
13.74.129.1
162.247.241.14
182.18.130.96
2602:816:5001::39
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:80b::200a
2a00:1450:4001:829::200a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
22c74a835bbc69aa690c781b1243caf4d8b47335fdc5fc1e2294d8d60c6f1545
3f682d16ec46449557c604671efa36b5288f9102d2cf03b7ffef45cc2720d711
411d00b86890cc94f19c6beff6c73bc207087c10325839fe3a65e4538f071815
4d9e77ee15a92bc8ccc117c2a1f2331503c82916071c321ccdceb2fb229225bf
5e0805692ebc07c7943cbd7029d77fd26dcb39db47e88f5144b9ea47c15e27f7
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
9012a9c1449111c93f495696eeaae5ba629b3918f3e1bbc1f9e4327ca97d868c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c017209a47f3658441e0194ac7519b32178aea5aa7802fd3e99cb8e61af017c
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
c474f4de38471dcb21dedef51ad23795ba1f6e532cc271da317f89f317ccedee
c77adba9802343ac5ea7f5c716f32cc65d8ab95d681cbcfd09f8d17f50eea299
d0e47b001e15a2e6acf0fe6881ae026712e7e0517f13295f50da77c2ac51dd66
d8c8185a7b9cd8af0797a9997df36de594b0a76b55eef4f5eba93f381214b036
db53279349ae8861f7f007996b302685708eaa9cd6e5eb45994b8b8c2d8a86ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

www.unionrewardz.com Open in urlscan Pro 182.18.130.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

50 %IPv6

7 Domains

10 Subdomains

9 IPs

5 Countries

448 kBTransfer

848 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

15 Cookies

Security Headers

Indicators

www.unionrewardz.com Open in urlscan Pro
182.18.130.96 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

9
IPs

5
Countries

448 kB
Transfer

848 kB
Size

15
Cookies

20 HTTP transactions
0 data transactions