![](/screenshots/52b8bf93-b9d7-4d6b-b571-ce8ca997640f.png)
app.giftbit.com
Open in
urlscan Pro
2606:4700:10::6816:35eb
Public Scan
Effective URL: https://app.giftbit.com/claimGift/index/20d4ee8532fe47699947cff2c56a9c3c
Submission: On January 29 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2023. Valid for: a year.
This is the only time app.giftbit.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.231.197.157 54.231.197.157 | 16509 (AMAZON-02) (AMAZON-02) | |
2 12 | 2606:4700:10:... 2606:4700:10::6816:35eb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 13.249.9.42 13.249.9.42 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:1f18:24e... 2600:1f18:24e6:b901:4fde:ae29:9087:aec7 | 14618 (AMAZON-AES) (AMAZON-AES) | |
13 | 3 |
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-east-1.amazonaws.com
gft.link |
ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-42.cdg53.r.cloudfront.net
emailimages.giftbit.com |
ASN14618 (AMAZON-AES, US)
csp-report.browser-intake-datadoghq.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
giftbit.com
2 redirects
app.giftbit.com emailimages.giftbit.com |
528 KB |
1 |
browser-intake-datadoghq.com
csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 13890 |
|
1 |
gft.link
1 redirects
gft.link |
284 B |
13 | 3 |
Domain | Requested by | |
---|---|---|
12 | app.giftbit.com |
2 redirects
app.giftbit.com
|
2 | emailimages.giftbit.com |
app.giftbit.com
|
1 | csp-report.browser-intake-datadoghq.com |
app.giftbit.com
|
1 | gft.link | 1 redirects |
13 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.giftbit.com |
info.giftbit.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-26 - 2024-04-25 |
a year | crt.sh |
giftbit.com Amazon RSA 2048 M01 |
2023-05-29 - 2024-06-25 |
a year | crt.sh |
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-06-17 - 2024-06-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://app.giftbit.com/claimGift/index/20d4ee8532fe47699947cff2c56a9c3c
Frame ID: 755C02E5039FBEC51BA79250CAA43008
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/52b8bf93-b9d7-4d6b-b571-ce8ca997640f.png)
Page Title
Your Gift DetailsPage URL History Show full URLs
-
http://gft.link/2yhGrRvGXUQ
HTTP 301
https://app.giftbit.com/sl/2yhGrRvGXUQ HTTP 302
https://app.giftbit.com/viewGift?id=20d4ee8532fe47699947cff2c56a9c3c HTTP 302
https://app.giftbit.com/claimGift/index/20d4ee8532fe47699947cff2c56a9c3c Page URL
Detected technologies
![](/vendor/wappa/icons/ZURB Foundation.png)
Detected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: https://www.giftbit.com/visa-help
Search URL Search Domain Scan URL
Title: giftbit.com
Search URL Search Domain Scan URL
Title: Cardholder Agreement
Search URL Search Domain Scan URL
Title: Issuing Bank Privacy Policy
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://gft.link/2yhGrRvGXUQ
HTTP 301
https://app.giftbit.com/sl/2yhGrRvGXUQ HTTP 302
https://app.giftbit.com/viewGift?id=20d4ee8532fe47699947cff2c56a9c3c HTTP 302
https://app.giftbit.com/claimGift/index/20d4ee8532fe47699947cff2c56a9c3c Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
20d4ee8532fe47699947cff2c56a9c3c
app.giftbit.com/claimGift/index/ Redirect Chain
|
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jQueryModule-b99d1953fd9ec669955569f42f3a21c2.js
app.giftbit.com/assets/ |
88 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coreReactModule-50110219a93310598d4c347b86769089.css
app.giftbit.com/assets/ |
69 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coreJSModule-fbd4322a03ab3d4f89536c94abb87969.js
app.giftbit.com/assets/ |
1 MB 443 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
giftClaimLayoutModule-709813a0ed3a85e49edd1cb44ee8b366.css
app.giftbit.com/assets/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
giftLayoutModule-4dc0e7648aeccefb11282f2f1b076ed5.js
app.giftbit.com/assets/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creditCardModule-e559e0c4b54aa3231ccd6974ca523513.css
app.giftbit.com/assets/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creditCardModule-ff84c2dd0beb4b3297804683064a428d.js
app.giftbit.com/assets/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
errormessage-03cb24af2190516016d8d2b96a9616ae.js
app.giftbit.com/assets/js/modules/ |
2 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visa-logo.png
emailimages.giftbit.com/general/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
giftbit-logo-gift-footer.png
emailimages.giftbit.com/logos/ |
969 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
app.giftbit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 824 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
logs
csp-report.browser-intake-datadoghq.com/api/v2/ |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| process function| $ function| jQuery object| webpackChunkgiftbitReact object| SENTRY_RELEASE object| SENTRY_RELEASES object| KIIND4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
app.giftbit.com/ | Name: JSESSIONID Value: 73434A1E790FBDA400326571CA372C3E |
|
app.giftbit.com/ | Name: AWSELB Value: 39A71593100010396AA895D447D743B029389175DC01A85A8679DA0D461607ACD91140969DFEF9E90499A0BD3C2B104BBD9692BD8EB12B438B622A8C9836738C3C76F99595 |
|
app.giftbit.com/ | Name: AWSELBCORS Value: 39A71593100010396AA895D447D743B029389175DC01A85A8679DA0D461607ACD91140969DFEF9E90499A0BD3C2B104BBD9692BD8EB12B438B622A8C9836738C3C76F99595 |
|
.giftbit.com/ | Name: recipient Value: true |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'self' 'nonce-MzM3OTk4NDc4LDM0NjQzNTQwMDI=' *.giftbit.com t.co analytics.twitter.com static.ads-twitter.com edge.fullstory.com rs.fullstory.com fullstory.com widget.intercom.io api.intercom.io app.intercom.io js.intercomcdn.com js.hsforms.net app.hubspot.com forms.hsforms.com *.hscollectedforms.net js.hubspot.com js.hubspotfeedback.com js.hsleadflows.net js.hs-banner.com js.hs-analytics.net js.hsadspixel.net *.hs-scripts.com consent.cookiebot.com consentcdn.cookiebot.com cdnjs.cloudflare.com code.jquery.com cdn.zapier.com js.stripe.com ws.zoominfo.com snap.licdn.com px.ads.linkedin.com connect.facebook.net www.facebook.com *.doubleclick.net *.googletagmanager.com www.gstatic.com www.google.com www.googleadservices.com *.google-analytics.com tagmanager.google.com apis.google.com tpc.googlesyndication.com tracking.g2crowd.com tags.clickagy.com hemsync.clickagy.com *.ingest.sentry.io *.sentry.io sentry.io *.sentry-cdn.com *.maxmind.com maxmind.com cloudflare.hcaptcha.com challenges.cloudflare.com bat.bing.com www.clarity.ms *.clearbitscripts.com *.clearbitjs.com; frame-src 'self' *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.stripe.com www.googletagmanager.com www.facebook.com www.google.com *.doubleclick.net tpc.googlesyndication.com www.intercom-reporting.com intercom-sheets.com consentcdn.cookiebot.com hemsync.clickagy.com challenges.cloudflare.com www.youtube.com m.youtube.com player.vimeo.com auth.giftbit.com preprodauth.giftbit.com; child-src 'self' app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net www.googletagmanager.com intercom-sheets.com www.intercom-reporting.com www.youtube.com m.youtube.com player.vimeo.com fast.wistia.net; object-src 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubffffe4c735d1c7e7466b11ba7a7aeb08&dd-evp-origin=content-security-policy&ddsource=csp-report |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.giftbit.com
csp-report.browser-intake-datadoghq.com
emailimages.giftbit.com
gft.link
13.249.9.42
2600:1f18:24e6:b901:4fde:ae29:9087:aec7
2606:4700:10::6816:35eb
54.231.197.157
150b580ed05f1ac04cfc1e26fbb5d86efb1847010191c9aa20c5c0b9cea7341e
2194e873e756ae055c72d504454629b6ccac2f9216c29519c6bd22ab99aa110e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
39063632d79b93a575a074bf1f45e3f5429e2f03d3c9cda234fc4421f9bfc9ad
4a763376d452d9f874793a87693c77e9183ecf2b29f2c68e77d5c03755e5aec1
715d5b3a32f9b7811774841b50d6f8c96502599e7d61bc0a48cf3ceab933bf0e
984071da5ea4a4b632fd8b4148d9dc47fca23b94e62968d6916b8f91b6045c5b
abe26fa46d3e67d929d77441c9bf8ca7946f6fed3adc9cfcce99c01cef785284
b516e87c99319f1acc5a3c828db7e6714151da17bb26a469b34a98c56accc2bb
b82c4ba8ff30b0d53b3de9207a9e668760405beb88273063ee32b91d043befa4
e010e138a5e826dc84a4a875d0d1268654f99c2afe8729acfc0fd662bf84fa97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea600ea7e3708d8391e6d2fa238c59c505b34b0c942fc0d62d5158f82b5dcb7