URL: https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%6043f.php
Submission: On March 14 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 104.21.87.96, located in and belongs to CLOUDFLARENET, US. The main domain is neverherbalance.com.
TLS certificate: Issued by E1 on February 3rd 2024. Valid for: 3 months.
This is the only time neverherbalance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
1         104.21.87.96    13335 (CLOUDFLAR...)
1         108.138.106.49  16509 (AMAZON-02)
1         18.164.96.87    16509 (AMAZON-02)
3         18.216.247.76   16509 (AMAZON-02)
6         5

Requests  Apex Domain           Subdomains                                              Transfer
3         blackhawknetwork.com  ht.blackhawknetwork.com — Cisco Umbrella Rank: 114089   1010 B
2         hotjar.com            static.hotjar.com — Cisco Umbrella Rank: 742            59 KB
                                script.hotjar.com — Cisco Umbrella Rank: 1067
1         neverherbalance.com   neverherbalance.com                                     2 MB
6         3

Requests  Domain                   Requested by
3         ht.blackhawknetwork.com  neverherbalance.com
1         script.hotjar.com        static.hotjar.com
1         static.hotjar.com        neverherbalance.com
1         neverherbalance.com
6         4

This site contains links to these domains.

Domain
mygift.giftcardmall.com
www.giftcards.com
www.giftcardmall.com

Subject                  Issuer                Validity                 Valid
neverherbalance.com      E1                    2024-02-03 - 2024-05-03  3 months  crt.sh
*.hotjar.com             Amazon ECDSA 256 M03  2024-02-07 - 2025-03-08  a year    crt.sh
ht.blackhawknetwork.com  Amazon RSA 2048 M01   2023-09-18 - 2024-10-16  a year    crt.sh

This page contains 1 frames:

Primary Page: https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%6043f.php
Frame ID: DEF20410E7EC901B640C805E47740ADE
Requests: 17 HTTP requests in this frame

Page Title

MccG

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 2577 kB
Size: 4721 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kjfbg89fg-+dg-54+gf3%6043f.php
neverherbalance.com/
3 MB
2 MB
Document
General
Full URL
https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%6043f.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.87.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc634d0694fc23d7b86f6e55a36b5494bca9d508def78d071c1688897068743

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8645412eefdf311c-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 15:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3MWDhVumMKSJIyTPG7CjXKEU1eW0y6aRX8x0ykkvHySV3ps7UhZsXY3yoogK4VxPZ9zUgLLuJ9na%2FDqFVvBDdau%2FBh%2F3HBLE5fNbKmSOoodsa2t72E5rgvgCO9gcUtDHdENUY5rS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
hotjar-3730167.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3730167.js?sv=6
Requested by
Host: neverherbalance.com
URL: https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%6043f.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
74210656c2c64c4ca499bdcd07b63acc0f873e7ddec840cfb10fc39ab92210fc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverherbalance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Mar 2024 15:21:39 GMT
via
1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/1027739b87be5180789346937206d2d1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
o34soxlUWJbsMbJLGA53xbu_znBB5yZgQsPyPxXzv6zB2bTZJKZz5Q==
modules.76600994a7e845923464.js
script.hotjar.com/
222 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.76600994a7e845923464.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3730167.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
fc968a94886e49c075569cafadd25b9b21b2ba42bcac9114bb2586c57683f7eb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverherbalance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 cfc46590021b7df312893ffb67317bb2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
96692
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55785
last-modified
Wed, 13 Mar 2024 12:29:47 GMT
etag
"ef9df1813a7be6a9f62fdfc3c4c6965d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
oEGlORUZmZtHIZ9XTfUAARUrolJePVjB2Y6SJFY39RgfFFbU-5x4zQ==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60209d124b9e7598b70c79bb9d79d2ed1f610f49bbb2a840216d93b5fc951154

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
474 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed57ce02142038981dd6346be622a951494008a92e36f64e4463ebf2277255a2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Request headers

Referer
Origin
https://neverherbalance.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Request headers

Referer
Origin
https://neverherbalance.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
750 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a767d2ee10915d0e3e62eb9870e82584c69c3f54166bc5f30acd0e2043a7cba5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
67 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a1cf6512abc9d8f1e59907c9e9449061bcdd2b9897da041fe0f8f0ef13107b6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8abd1446ca408e1bde5c9f14abe51e820cf753b81a8593c64771a3d9b3e9b090

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e23dfee3f2702c9b728c9fa42185ed67230f14f92b6af97523f7d72f171e7bdd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
36 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5572baf9a662be38895e83faacccea221c5e2e0aa9a245790f876589fa5808cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
620dc71a1fafadff8d414b200555cf01cff9558bc7eb0f93106057bb188c65e8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
Origin
https://neverherbalance.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2
bXlnaWZ0LmdpZnRjYXJkbWFsbC5jb20
ht.blackhawknetwork.com/assets/
395 B
620 B
Script
General
Full URL
https://ht.blackhawknetwork.com/assets/bXlnaWZ0LmdpZnRjYXJkbWFsbC5jb20
Requested by
Host: neverherbalance.com
URL: https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%6043f.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.216.247.76 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-247-76.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
6fa6648f3a7a6078979b21f2e876648b97fc8f9e7735cf92ba7e5b5e905599bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverherbalance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:21:40 GMT
x-amzn-trace-id
Root=1-65f31604-5b6a558c04859c8d7e68a8c1;Parent=1b89a6a593ec3af7;Sampled=0;lineage=13ba6a0f:0
x-amzn-requestid
5afd87df-a9ae-41ee-88f4-5e44f3bdde47
content-length
395
x-amz-apigw-id
UoBgtE_WCYcER9A=
content-type
application/javascript
logo.png
ht.blackhawknetwork.com/assets/images/
0
195 B
Image
General
Full URL
https://ht.blackhawknetwork.com/assets/images/logo.png?l=https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%256043f.php&r=&d=mygift.giftcardmall.com
Requested by
Host: neverherbalance.com
URL: https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%6043f.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.216.247.76 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-247-76.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverherbalance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:21:40 GMT
x-amzn-trace-id
Root=1-65f31604-3a8c3a49110da5cf3f06cd02;Parent=6702b08d00e0a448;Sampled=0;lineage=65e6dab5:0
x-amzn-requestid
9ec55adb-0f56-4d40-b4f4-cd6ef5c4ec33
content-length
0
x-amz-apigw-id
UoBguFVHiYcEMXA=
content-type
image/gif
logo.png
ht.blackhawknetwork.com/assets/images/
0
195 B
Image
General
Full URL
https://ht.blackhawknetwork.com/assets/images/logo.png?l=https://neverherbalance.com/kjfbg89fg-+dg-54+gf3%256043f.php&r=&d=mygift.giftcardmall.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.216.247.76 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-247-76.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverherbalance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:21:41 GMT
x-amzn-trace-id
Root=1-65f31604-5c2448eb0dd355317883e885;Parent=5c53285eb9f110c4;Sampled=0;lineage=65e6dab5:0
x-amzn-requestid
097ec6c7-3d61-40eb-b0b1-fc4f3283c4b3
content-length
0
x-amz-apigw-id
UoBgyFX9CYcEIgA=
content-type
image/gif

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| hj
  • object| _hjSettings
  • object| hjSiteSettings
  • function| hjBootstrap
  • object| hjBootstrapCalled
  • object| hjLazyModules
  • function| savepage_ShadowLoader
  • string| x
  • object| temp
  • string| root_domain
  • undefined| m
  • string| r

2 Cookies

Domain/Path Name / Value
.neverherbalance.com/ Name: _hjSessionUser_3730167
Value: eyJpZCI6IjY4M2U4YmVkLWI0YzgtNTkwOS1hMDY0LTc0YWY0MmI5NGVlYiIsImNyZWF0ZWQiOjE3MTA0Mjk3MDAzMTEsImV4aXN0aW5nIjpmYWxzZX0=
.neverherbalance.com/ Name: _hjSession_3730167
Value: eyJpZCI6IjFlNGEwNTQwLWI1ZWEtNDc2ZS1hNGQ5LTViOWVkYzdmM2MzYyIsImMiOjE3MTA0Mjk3MDAzMTIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=