urlscan.io logo urlscan.io
SecurityTrails logo

paymentrewardzzone.com Open in urlscan Pro
18.245.86.126  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629
Effective URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a...
Submission: On July 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 14 domains to perform 24 HTTP transactions. The main IP is 18.245.86.126, located in United States and belongs to AMAZON-02, US. The main domain is paymentrewardzzone.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 14th 2024. Valid for: a year.
This is the only time paymentrewardzzone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.117.154.36 396982 (GOOGLE-CL...)
2 2 3.69.182.131 16509 (AMAZON-02)
1 1 35.227.241.194 396982 (GOOGLE-CL...)
1 1 172.67.219.231 13335 (CLOUDFLAR...)
3 18.245.86.126 16509 (AMAZON-02)
6 34.246.141.41 16509 (AMAZON-02)
6 18.172.112.54 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.102.11 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 13.32.27.54 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 63.32.67.43 16509 (AMAZON-02)
1 54.75.102.160 16509 (AMAZON-02)
24 12
1    34.117.154.36 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.154.117.34.bc.googleusercontent.com
www.henk3ks.com
2    3.69.182.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-182-131.eu-central-1.compute.amazonaws.com
reviantrelsently.com
1    35.227.241.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.241.227.35.bc.googleusercontent.com
www.protected-url.com
1    172.67.219.231 (United States)

ASN13335 (CLOUDFLARENET, US)
link.heavenstrack.com
3    18.245.86.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-126.fra60.r.cloudfront.net
paymentrewardzzone.com
6    34.246.141.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-141-41.eu-west-1.compute.amazonaws.com
lnd-cntrl.pro
6    18.172.112.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-54.fra60.r.cloudfront.net
gramagift.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net
static.hotjar.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    63.32.67.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-67-43.eu-west-1.compute.amazonaws.com
shield.hygge-int.com
1    54.75.102.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-102-160.eu-west-1.compute.amazonaws.com
content.hotjar.io
Apex Domain
Subdomains		 Transfer
6 gramagift.com
gramagift.com
1 MB
6 lnd-cntrl.pro
lnd-cntrl.pro
2 KB
3 paymentrewardzzone.com
paymentrewardzzone.com
3 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 829
script.hotjar.com — Cisco Umbrella Rank: 1135
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
177 KB
2 reviantrelsently.com
reviantrelsently.com
1011 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 5983
171 B
1 hygge-int.com
shield.hygge-int.com
138 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2681
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 352
24 KB
1 heavenstrack.com
link.heavenstrack.com
711 B
1 protected-url.com
www.protected-url.com
700 B
1 henk3ks.com
www.henk3ks.com
676 B
24 14
Domain Requested by
6 gramagift.com paymentrewardzzone.com
6 lnd-cntrl.pro paymentrewardzzone.com
gramagift.com
3 paymentrewardzzone.com paymentrewardzzone.com
2 www.googletagmanager.com paymentrewardzzone.com
www.googletagmanager.com
2 reviantrelsently.com 2 redirects
1 content.hotjar.io script.hotjar.com
1 shield.hygge-int.com gramagift.com
1 fonts.googleapis.com gramagift.com
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 cdn.jsdelivr.net paymentrewardzzone.com
1 link.heavenstrack.com 1 redirects
1 www.protected-url.com 1 redirects
1 www.henk3ks.com 1 redirects
24 15

This site contains no links.

Subject Issuer Validity Valid
paymentrewardzzone.com
Amazon RSA 2048 M02		 2024-03-14 -
2025-04-12		 a year crt.sh
lnd-cntrl.pro
R11		 2024-06-24 -
2024-09-22		 3 months crt.sh
gramagift.com
Amazon RSA 2048 M03		 2024-04-18 -
2025-05-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.hygge-int.com
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-16		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Frame ID: 4A37FC87DFE797BC720E1C7723EF6CE6
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629 HTTP 307
    https://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629 HTTP 302
    https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b?source_id=60&pub_id=&transaction_id=a7e... HTTP 307
    https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b/2?source_id=60&pub_id=&transaction_id=a... HTTP 302
    https://www.protected-url.com/45ZHXH1/91LD26Q/?source_id=60&sub2=w6eumd32ki92a1n2jt5sij6l&sub4=postage HTTP 302
    https://link.heavenstrack.com/click?pid=79&offer_id=466&sub1=8336f27a18e14ff7ae523d75e30c0590&sub2=1960&su... HTTP 302
    https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=669328... Page URL
  2. https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&su... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

27 %
IPv6

14
Domains

15
Subdomains

12
IPs

3
Countries

1660 kB
Transfer

2239 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629 HTTP 307
    https://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629 HTTP 302
    https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b?source_id=60&pub_id=&transaction_id=a7e5668d350b4c6883d92beae54b0cf7 HTTP 307
    https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b/2?source_id=60&pub_id=&transaction_id=a7e5668d350b4c6883d92beae54b0cf7 HTTP 302
    https://www.protected-url.com/45ZHXH1/91LD26Q/?source_id=60&sub2=w6eumd32ki92a1n2jt5sij6l&sub4=postage HTTP 302
    https://link.heavenstrack.com/click?pid=79&offer_id=466&sub1=8336f27a18e14ff7ae523d75e30c0590&sub2=1960&sub4=postage&sub5=&sub6=&sub7= HTTP 302
    https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5= Page URL
  2. https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629 HTTP 307
  • https://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629 HTTP 302
  • https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b?source_id=60&pub_id=&transaction_id=a7e5668d350b4c6883d92beae54b0cf7 HTTP 307
  • https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b/2?source_id=60&pub_id=&transaction_id=a7e5668d350b4c6883d92beae54b0cf7 HTTP 302
  • https://www.protected-url.com/45ZHXH1/91LD26Q/?source_id=60&sub2=w6eumd32ki92a1n2jt5sij6l&sub4=postage HTTP 302
  • https://link.heavenstrack.com/click?pid=79&offer_id=466&sub1=8336f27a18e14ff7ae523d75e30c0590&sub2=1960&sub4=postage&sub5=&sub6=&sub7= HTTP 302
  • https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
preeflnk.html
paymentrewardzzone.com/660a722b49acd/
Redirect Chain
  • http://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629
  • https://www.henk3ks.com/cmp/2gshb1/d7256/0.05087874654938629
  • https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b?source_id=60&pub_id=&transaction_id=a7e5668d350b4c6883d92beae54b0cf7
  • https://reviantrelsently.com/a0f877d1-350d-47b8-ada9-05140f271b2b/2?source_id=60&pub_id=&transaction_id=a7e5668d350b4c6883d92beae54b0cf7
  • https://www.protected-url.com/45ZHXH1/91LD26Q/?source_id=60&sub2=w6eumd32ki92a1n2jt5sij6l&sub4=postage
  • https://link.heavenstrack.com/click?pid=79&offer_id=466&sub1=8336f27a18e14ff7ae523d75e30c0590&sub2=1960&sub4=postage&sub5=&sub6=&sub7=
  • https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-126.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb86f56c3bc0b3b3048c556437ec429ff9329d77ed21a6705f7631d2605a392b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 14 Jul 2024 01:23:34 GMT
etag
W/"59206cb1067da2533a3c86a4440c355f"
last-modified
Mon, 01 Apr 2024 08:37:28 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
x-amz-cf-id
Z6cEsnrMFEAp9ZQ5QfjSeDJCbVVDTXRPHz_b-b81gmrpuHQ_c5MqIA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a2db541bca52c35-FRA
content-length
0
date
Sun, 14 Jul 2024 01:23:32 GMT
location
https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tr%2FB9M34v2mVZgsYW0XP%2FloA%2BNR62WqNDyAYL1j3qdq21uXLSI7qv0U5TWO3irTAqJX1kSGNzXCpCMMmOn3wOeIpfJ3LrikAD3GdQ%2BNDU%2FY80nJEn9YzblqYctHxp318DbtehzkLy%2Fk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-adjust-use-original-forwarded-for
1
3NGKK53
lnd-cntrl.pro/api/v1/internal/test/BBT7CR/ 		286 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnd-cntrl.pro/api/v1/internal/test/BBT7CR/3NGKK53?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.246.141.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-141-41.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://paymentrewardzzone.com/
Authorization
Basic: bHAtYnVpbGRlci1hcGk6c1RhcGhvMG95aU51SmFjcg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 14 Jul 2024 01:23:33 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/8.0.29
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://paymentrewardzzone.com
Access-Control-Expose-Headers
link
Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Expires
Sun, 14 Jul 2024 01:23:33 GMT
3NGKK53
lnd-cntrl.pro/api/v1/internal/test/BBT7CR/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lnd-cntrl.pro/api/v1/internal/test/BBT7CR/3NGKK53?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.246.141.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-141-41.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://paymentrewardzzone.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
POST, PUT, GET, DELETE
Access-Control-Allow-Origin
https://paymentrewardzzone.com
Access-Control-Max-Age
3600
Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Jul 2024 01:23:33 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
X-Powered-By
PHP/8.0.29
favicon.ico
paymentrewardzzone.com/ 		243 B
484 B 		Other
General
Check archive.org
Download Go to
Full URL
https://paymentrewardzzone.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-126.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95fd2ebdb0dec77c1a56b23f25ea0d33682ddc29bfbc66c59e058eceefe1517b

Request headers

Referer
https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:33 GMT
via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-cf-id
nJ7V3E_adv-GnXTHb4dr4Jxkyz8-K8zBln0Ei7nhpYbFdMFkdG-WVA==
x-cache
Error from cloudfront
content-type
application/xml
Primary Request index.html
paymentrewardzzone.com/ef/BBT7CR/3N9226M/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-126.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c51880992495dab3fddc999dafaaee4b735b2b8a281efbba204aaf40990ac67

Request headers

Referer
https://paymentrewardzzone.com/660a722b49acd/preeflnk.html?source_id=72693DC4&sub1=79&sub2=1960&sub3=66932894924d0d0001695378&sub4=&sub19=&sub20=postage&sub5=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 14 Jul 2024 01:23:35 GMT
etag
W/"ba5a660c9695cf3ff3ed4ac1361f3d55"
last-modified
Fri, 07 Jun 2024 11:44:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
x-amz-cf-id
1oO3p1OBiMTkoRP31qfr0AB_pzyJbgJpm--woAvB-IndCSBEMCrD8Q==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
build.bundle.js
gramagift.com/prod/assets/187/js/ 		723 KB
724 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gramagift.com/prod/assets/187/js/build.bundle.js
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
832fb8618a27fec52ddb5b43002f3eedd6a3357a1a3f8c5dbb260c16738eb889

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:35 GMT
via
1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront)
last-modified
Mon, 27 May 2024 15:08:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"fb1b4ba716c1948c0921d565b05dae7c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
740188
x-amz-cf-id
-8-mE8ouTWBV_QH4b-R_aEyckPCmZPRJVK_icI9ClHBznUIs1MfgDg==
build.css
gramagift.com/prod/assets/187/css/ 		390 KB
391 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gramagift.com/prod/assets/187/css/build.css
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b18aa85b570b30a8783ac19c83467321f1fb741ce3592229b72ae06b4e488e9

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:35 GMT
via
1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 11:44:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"c56f0d9a6bc45501ff516d0e3cd7b95c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
399803
x-amz-cf-id
uAtTVBbAtbRGc9IZEr9_LHepHP2UWPFoN9kxYoKRejNIkVenSAx1bQ==
loading-text-gif-14.gif
gramagift.com/prod/assets/187/images/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gramagift.com/prod/assets/187/images/loading-text-gif-14.gif
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4aed4e56cfa90e5ed6086f40ae033ff2899d87c5e769226abf51a38f0b0cfb6

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:35 GMT
via
1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 16:43:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"03081580b1e4f77e0d8af40b6e28cefe"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
203011
x-amz-cf-id
L1PA0NBtBUXRXaFgoVHviuL-X1XArDC2TOGnBc9_IxKi7ZB5qSlHfA==
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentrewardzzone.com/
Origin
https://paymentrewardzzone.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 14 Jul 2024 01:23:34 GMT
x-content-type-options
nosniff
content-encoding
br
age
7134796
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23943
x-served-by
cache-fra-eddf8230080-FRA, cache-mxp6958-MXP
x-jsd-version-type
version
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MCNVF5XG
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
31bb9bae9d958d03323d77406029c5821239fecf6cd64a992eed8c21e8cfc16a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76427
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jul 2024 01:23:34 GMT
js
www.googletagmanager.com/gtag/ 		307 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XQZFQHHB9W&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCNVF5XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63464bee0a937bb68d41e42583ba3617e9ae689ce25f8b35cb50a30689bd35a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103974
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jul 2024 01:23:34 GMT
hotjar-3927171.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3927171.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCNVF5XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
d5bf514dc23435a8a4a3e98952ef06f7bfd2c6bee0ba4e51c59449cc645f5e5c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/5b6b84b223a99a17b79f911bf2952c9f
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
z0e1S8p3c-2ZFS1tI7r4yiU7dmtPWyDNohkVuV8bbshuZqT9i2-7nQ==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XQZFQHHB9W&gtm=45je4790v9180790198z89181433081za200zb9181433081&_p=1720920214076&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=5477737.1720920214&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720920214&sct=1&seg=0&dl=https%3A%2F%2Fpaymentrewardzzone.com%2Fef%2FBBT7CR%2F3N9226M%2Findex.html%3Fuid%3D2486%26sourceid%3D72693DC4%26sub1%3D79%26sub2%3D1960%26sub3%3D92ea73e707754590a69a72776e6218fc%26sub4%3D%26sub7%3D%26sub5%3D%26sub8%3D%26sub6%3D%26sub19%3D%26sub20%3Dpostage%26sub9%3Dde&dr=https%3A%2F%2Fpaymentrewardzzone.com%2F660a722b49acd%2Fpreeflnk.html%3Fsource_id%3D72693DC4%26sub1%3D79%26sub2%3D1960%26sub3%3D66932894924d0d0001695378%26sub4%3D%26sub19%3D%26sub20%3Dpostage%26sub5%3D&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=566&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XQZFQHHB9W&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 01:23:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paymentrewardzzone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3927171.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1098747
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
UkTksCxm2XpKPPn9gZUACSPlCUW9ccdIuky6HQDBzpyXSAa8P6U13w==
css2
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: gramagift.com
URL: https://gramagift.com/prod/assets/187/css/build.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gramagift.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jul 2024 01:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 23:55:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jul 2024 01:23:34 GMT
check-affiliate
lnd-cntrl.pro/api/v1/internal/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lnd-cntrl.pro/api/v1/internal/check-affiliate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.246.141.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-141-41.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-referer
Access-Control-Request-Method
POST
Origin
https://paymentrewardzzone.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-referer
Access-Control-Allow-Methods
POST, PUT, GET, DELETE
Access-Control-Allow-Origin
https://paymentrewardzzone.com
Access-Control-Max-Age
3600
Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Jul 2024 01:23:34 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
X-Powered-By
PHP/8.0.29
check-affiliate
lnd-cntrl.pro/api/v1/internal/ 		2 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnd-cntrl.pro/api/v1/internal/check-affiliate
Requested by
Host: gramagift.com
URL: https://gramagift.com/prod/assets/187/js/build.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.246.141.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-141-41.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Referer
https://paymentrewardzzone.com/
X-Referer
https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Authorization
Basic bHAtYnVpbGRlci1hcGk6c1RhcGhvMG95aU51SmFjcg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 14 Jul 2024 01:23:34 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/8.0.29
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://paymentrewardzzone.com
Access-Control-Expose-Headers
link
Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Expires
Sun, 14 Jul 2024 01:23:34 GMT
color
shield.hygge-int.com/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shield.hygge-int.com/color?forScheme=aHR0cHM6Ly9wYXltZW50cmV3YXJkenpvbmUuY29tL2VmL0JCVDdDUi8zTjkyMjZNL2luZGV4Lmh0bWw/dWlkPTI0ODYmc291cmNlaWQ9NzI2OTNEQzQmc3ViMT03OSZzdWIyPTE5NjAmc3ViMz05MmVhNzNlNzA3NzU0NTkwYTY5YTcyNzc2ZTYyMThmYyZzdWI0PSZzdWI3PSZzdWI1PSZzdWI4PSZzdWI2PSZzdWIxOT0mc3ViMjA9cG9zdGFnZSZzdWI5PWRl
Requested by
Host: gramagift.com
URL: https://gramagift.com/prod/assets/187/js/build.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.67.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-67-43.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 Jul 2024 01:23:34 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
mc_symbol.svg
gramagift.com/prod/assets/187/images/ 		944 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gramagift.com/prod/assets/187/images/mc_symbol.svg
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25bebdb1a915f5e8e75f1105b5c7d7c9a4f910cd75ef50dc21b15b9195742df1

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:35 GMT
via
1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront)
last-modified
Mon, 22 Apr 2024 09:32:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"3c0362850f947b6d17a42a9fa049381c"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
944
x-amz-cf-id
-xkvISPX8S9Rr4AKorxTi0Yr252QqyMvrszKZrBwsy5BCcWB2cwvxg==
Visa_Brandmark_Blue_RGB_2021.svg
gramagift.com/prod/assets/187/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gramagift.com/prod/assets/187/images/Visa_Brandmark_Blue_RGB_2021.svg
Requested by
Host: paymentrewardzzone.com
URL: https://paymentrewardzzone.com/ef/BBT7CR/3N9226M/index.html?uid=2486&sourceid=72693DC4&sub1=79&sub2=1960&sub3=92ea73e707754590a69a72776e6218fc&sub4=&sub7=&sub5=&sub8=&sub6=&sub19=&sub20=postage&sub9=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
202bad9789dd50297f74ecdb3a1f97bbb3081d250a3398faaf9c1945a88720a8

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:35 GMT
via
1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront)
last-modified
Mon, 22 Apr 2024 09:32:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"220db81ff249afa9b6399ce2705bc60f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
1900
x-amz-cf-id
GiNvkIycHn17Ie4v0f7cKpJ_rxrWqZszEL7QW6I_Hlj9yHM1Y5gATw==
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3927171&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.75.102.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-102-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c7c72540f3897f8c01c23272befc0be2729c199bdd6c8e466de3cd185835eee8

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 14 Jul 2024 01:23:34 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
click
lnd-cntrl.pro/api/v1/internal/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lnd-cntrl.pro/api/v1/internal/click
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.246.141.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-141-41.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://paymentrewardzzone.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type
Access-Control-Allow-Methods
POST, PUT, GET, DELETE
Access-Control-Allow-Origin
https://paymentrewardzzone.com
Access-Control-Max-Age
3600
Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Jul 2024 01:23:34 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
X-Powered-By
PHP/8.0.29
click
lnd-cntrl.pro/api/v1/internal/ 		35 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnd-cntrl.pro/api/v1/internal/click
Requested by
Host: gramagift.com
URL: https://gramagift.com/prod/assets/187/js/build.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.246.141.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-141-41.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.29
Resource Hash
48216b60e4aed3b7a80e4525babe498e0ff9e5a3e3d49709e63ab2297eb0c0f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Referer
https://paymentrewardzzone.com/
Authorization
Basic bHAtYnVpbGRlci1hcGk6c1RhcGhvMG95aU51SmFjcg==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 14 Jul 2024 01:23:35 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/8.0.29
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://paymentrewardzzone.com
Access-Control-Expose-Headers
link
Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Expires
Sun, 14 Jul 2024 01:23:35 GMT
truncated
/ 		188 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17094b2078f387de35294bbf1afc7744262c85a564830e0257c7066992343d0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
favicon.jpg
gramagift.com/prod/assets/187/images/ 		74 KB
74 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gramagift.com/prod/assets/187/images/favicon.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a78dc8a21d82349c53dd7aa0baf912cd8dd251e7a5164a54038d196b73be7126

Request headers

Referer
https://paymentrewardzzone.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 01:23:36 GMT
via
1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 16:43:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"eb333baa6975d6f69fc4d411b4af014c"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
75528
x-amz-cf-id
vYf2ugfnXrAoxxMNXJtPXKBnpo6qc5wk_XJIbnAxQbEDcOdOlDmjSg==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled number| uidEvent object| bootstrap object| Base64 function| jQuery function| $

12 Cookies

Domain/Path Name / Value
www.henk3ks.com/ Name: uniqueClick_d7256
Value: 9ec82c2e-3a3f-445b-92fb-a194754cc5b0:1720920211
www.henk3ks.com/ Name: transaction_id
Value: a7e5668d350b4c6883d92beae54b0cf7
.reviantrelsently.com/ Name: a0f877d1-350d-47b8-ada9-05140f271b2b-v4
Value: t8wK5FmWpwhUKT7XcfnywtzR8GWNLK_-GCcBCoYQJj0
.reviantrelsently.com/ Name: cc-v4
Value: kfi0QQHAIrWsHbQSXdBBRKFUbV%2BVNAQu4xzPyZ%2B%2BV6A%2BlI7bqICWaWaDnHixY9OJ%2BP9Hn%2B7bH94q4fJBWvPfjE4XB5BqhHHH0KovRPfwXewhnmn53wzE4%2Ba%2BIl%2FeTFK9KX9A7TzAHVDPZKG8BC%2B7Eg%3D%3D
www.protected-url.com/ Name: uniqueClick_91LD26Q
Value: 4e37eb3e-03e4-4761-929b-f17f8fbab5ca:1720920212
www.protected-url.com/ Name: transaction_id
Value: 8336f27a18e14ff7ae523d75e30c0590
link.heavenstrack.com/ Name: afclick
Value: 66932894924d0d0001695378
link.heavenstrack.com/ Name: afoffers
Value: {"466":1720920212}
.paymentrewardzzone.com/ Name: _ga
Value: GA1.1.5477737.1720920214
.paymentrewardzzone.com/ Name: _ga_XQZFQHHB9W
Value: GS1.1.1720920214.1.0.1720920214.0.0.0
.paymentrewardzzone.com/ Name: _hjSessionUser_3927171
Value: eyJpZCI6IjQ5YTBmZjk0LTI3NzMtNWIyZS05YTZiLTg1MjQ0YzI5ODcwNyIsImNyZWF0ZWQiOjE3MjA5MjAyMTQ3OTYsImV4aXN0aW5nIjp0cnVlfQ==
.paymentrewardzzone.com/ Name: _hjSession_3927171
Value: eyJpZCI6IjA5MDE1OWMyLTZkZjQtNDJkZC04ZjhlLTI2YTE4ZDkwMjNlYyIsImMiOjE3MjA5MjAyMTQ3OTYsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

1 Console Messages

Source Level URL
Text
network error URL: https://paymentrewardzzone.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
content.hotjar.io
fonts.googleapis.com
gramagift.com
link.heavenstrack.com
lnd-cntrl.pro
paymentrewardzzone.com
region1.google-analytics.com
reviantrelsently.com
script.hotjar.com
shield.hygge-int.com
static.hotjar.com
www.googletagmanager.com
www.henk3ks.com
www.protected-url.com
13.32.27.54
172.67.219.231
18.172.112.54
18.245.86.126
18.66.102.11
2001:4860:4802:34::36
2a00:1450:4001:806::2008
2a00:1450:4001:812::200a
2a04:4e42:600::485
3.69.182.131
34.117.154.36
34.246.141.41
35.227.241.194
54.75.102.160
63.32.67.43
1b18aa85b570b30a8783ac19c83467321f1fb741ce3592229b72ae06b4e488e9
1c51880992495dab3fddc999dafaaee4b735b2b8a281efbba204aaf40990ac67
202bad9789dd50297f74ecdb3a1f97bbb3081d250a3398faaf9c1945a88720a8
25bebdb1a915f5e8e75f1105b5c7d7c9a4f910cd75ef50dc21b15b9195742df1
31bb9bae9d958d03323d77406029c5821239fecf6cd64a992eed8c21e8cfc16a
48216b60e4aed3b7a80e4525babe498e0ff9e5a3e3d49709e63ab2297eb0c0f2
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
63464bee0a937bb68d41e42583ba3617e9ae689ce25f8b35cb50a30689bd35a8
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
832fb8618a27fec52ddb5b43002f3eedd6a3357a1a3f8c5dbb260c16738eb889
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
95fd2ebdb0dec77c1a56b23f25ea0d33682ddc29bfbc66c59e058eceefe1517b
a17094b2078f387de35294bbf1afc7744262c85a564830e0257c7066992343d0
a4aed4e56cfa90e5ed6086f40ae033ff2899d87c5e769226abf51a38f0b0cfb6
a78dc8a21d82349c53dd7aa0baf912cd8dd251e7a5164a54038d196b73be7126
c7c72540f3897f8c01c23272befc0be2729c199bdd6c8e466de3cd185835eee8
d5bf514dc23435a8a4a3e98952ef06f7bfd2c6bee0ba4e51c59449cc645f5e5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb86f56c3bc0b3b3048c556437ec429ff9329d77ed21a6705f7631d2605a392b