bonus.gifts Open in urlscan Pro
184.107.11.4  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bonus.gifts/	5 KB 2 KB	220ms 30ms	Document text/html	184.107.11.4 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.107.11.4 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS mtlr101.websitehostserver.net Software / Resource Hash 4beb5bfc1bce94be21713c59736c314d56ee43b9407ad8127661990507c5b3e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control max-age=1333600, must-revalidate content-encoding br content-length 1892 content-type text/html date Fri, 20 Dec 2024 13:36:15 GMT etag "0674804de-0;br" last-modified Thu, 28 Nov 2024 05:51:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	style.css bonus.gifts/	9 KB 2 KB	66ms 55ms	Stylesheet text/css	184.107.11.4 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://bonus.gifts/style.css Requested by Host: bonus.gifts URL: https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.107.11.4 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS mtlr101.websitehostserver.net Software / Resource Hash 22b60bd14cdae7aa9e0079e914517f1d7e318cbe8a48669929d5e92336666fde Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=1333600, public content-encoding br etag "066cd58a4-0;br" x-content-type-options nosniff expires Fri, 27 Dec 2024 13:36:15 GMT accept-ranges bytes content-length 2162 date Fri, 20 Dec 2024 13:36:15 GMT content-type text/css last-modified Tue, 27 Aug 2024 04:40:04 GMT vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	846 B 857 B	246ms 67ms	Stylesheet text/css	2607:f8b0:4004:c1d::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@900&display=swap Requested by Host: bonus.gifts URL: https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ed7bb5dee7bfd3062210d9082389fdd5937053d85d55f8a5441da4dc6fbdad54 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:36:16 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:36:16 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:26:54 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	404	play-button.png bonus.gifts/assets/img/	796 B 796 B	28ms 19ms	Image text/html	184.107.11.4 IWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bonus.gifts/assets/img/play-button.png Requested by Host: bonus.gifts URL: https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.107.11.4 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS mtlr101.websitehostserver.net Software / Resource Hash c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private, no-cache, no-store, must-revalidate, max-age=0 pragma no-cache x-content-type-options nosniff content-length 796 date Fri, 20 Dec 2024 13:36:15 GMT content-type text/html x-frame-options SAMEORIGIN
GET H2	200	jquery-3.5.1.min.js Show response bonus.gifts/assets/js/	87 KB 30 KB	64ms 55ms	Script application/javascript	184.107.11.4 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://bonus.gifts/assets/js/jquery-3.5.1.min.js Requested by Host: bonus.gifts URL: https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.107.11.4 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS mtlr101.websitehostserver.net Software / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=1333600, public content-encoding br etag "066cd58aa-0;br" x-content-type-options nosniff expires Fri, 27 Dec 2024 13:36:15 GMT accept-ranges bytes content-length 30280 date Fri, 20 Dec 2024 13:36:15 GMT content-type application/javascript last-modified Tue, 27 Aug 2024 04:40:10 GMT vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	geo-modal.js Show response winnerwinner.net/geo-modal/	229 B 419 B	619ms 139ms	Script application/javascript	35.214.123.39 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://winnerwinner.net/geo-modal/geo-modal.js Requested by Host: bonus.gifts URL: https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.214.123.39 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 39.123.214.35.bc.googleusercontent.com Software nginx / Resource Hash 8202338eefc6fc840617aa78be32ff43747dcf6ef00dc0acd5221669567fc682 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers host-header 8441280b0c35cbc1147f8ba998a563a7 cache-control max-age=2592000 content-encoding br etag W/"e5-605523a7ed0bb" expires Sat, 18 Jan 2025 22:31:04 GMT x-proxy-cache HIT date Fri, 20 Dec 2024 13:36:17 GMT x-httpd 1 content-type application/javascript vary Accept-Encoding, Accept-Encoding,User-Agent server nginx last-modified Thu, 14 Sep 2023 14:09:47 GMT
GET H2	200	E-v1.js Show response fast.wistia.net/assets/external/	851 KB 144 KB	146ms 43ms	Script text/javascript	2a04:4e42:200::644 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.net/assets/external/E-v1.js Requested by Host: bonus.gifts URL: https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash dd5527dd75411eba0dec603fa7387de472360595c8613bb4f1d12fd6377a6256 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers content-encoding br etag "2a2da3c51ac16b9f77436c19dd9ca521" age 5 x-cache HIT, HIT date Fri, 20 Dec 2024 13:36:16 GMT last-modified Thu, 19 Dec 2024 22:35:23 GMT x-served-by cache-iad-kjyo7100098-IAD, cache-yul1970072-YUL x-cache-hits 33, 1 content-type text/javascript vary Accept-Encoding strict-transport-security max-age=0 cache-control public, max-age=3600 timing-allow-origin * x-timer S1734701777.764901,VS0,VE1 via 1.1 varnish, 1.1 varnish x-browser chrome x-ecma-v modern x-browser-version 131 accept-ranges bytes access-control-allow-origin * content-length 147317 asset-version 110dfcbd451a80169d4be508913059c2aeab9ad9 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	gl Show response g1386590346.co/	0 267 B	167ms 58ms	Script application/javascript	2600:1901:0:7d2:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://g1386590346.co/gl?id=-NFihIK5wUyv-iBlnKBw&refurl=&winurl=https%3A%2F%2Fbonus.gifts%2F Requested by Host: bonus.gifts URL: https://bonus.gifts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7d2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software Google Frontend / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers cache-control private, no-cache, no-store, must-revalidate etag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 20 Dec 2024 13:36:17 GMT content-type application/javascript; charset=utf-8 x-powered-by Express server Google Frontend x-cloud-trace-context bab3aeed13cba353319b7b5d544a686f
GET H3	404	geo-modal.html Show response bonus.gifts/geo-modal/	796 B 1 KB	22ms 20ms	XHR text/html	184.107.11.4 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://bonus.gifts/geo-modal/geo-modal.html Requested by Host: bonus.gifts URL: https://bonus.gifts/assets/js/jquery-3.5.1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 184.107.11.4 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS mtlr101.websitehostserver.net Software / Resource Hash c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://bonus.gifts/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept text/html, */*; q=0.01 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private, no-cache, no-store, must-revalidate, max-age=0 pragma no-cache x-content-type-options nosniff alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 796 date Fri, 20 Dec 2024 13:36:16 GMT content-type text/html x-frame-options SAMEORIGIN
GET H2	200	zl182ix3h7.json Show response fast.wistia.net/embed/medias/	6 KB 2 KB	78ms 32ms	Fetch application/json	2a04:4e42:200::644 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.net/embed/medias/zl182ix3h7.json Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/E-v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software envoy / Resource Hash 7c10b3e89fbb90aef9f8d11202d18ab1e806c504f88bf0f323140a4096191f72 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers x-request-id bf299951-0fbe-4ec1-a7c8-10ee1ad78f9d content-encoding br etag W/"7c10b3e89fbb90aef9f8d11202d18ab1" age 43482 x-permitted-cross-domain-policies none x-content-type-options nosniff x-cache Miss from cloudfront, HIT, HIT x-amz-cf-id _EbcUIVlY4-fJEErvH_Y3pn8CRlIf4GznbCfupibjoDDdeR9UJAhhA== date Fri, 20 Dec 2024 13:36:17 GMT content-type application/json; charset=utf-8 x-served-by cache-iad-kiad7000154-IAD, cache-yul1970074-YUL x-runtime 0.053875 x-cache-hits 5, 0 vary Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override strict-transport-security max-age=0 cache-control public, no-cache timing-allow-origin * x-envoy-upstream-service-time 56 x-timer S1734701778.502446,VS0,VE1 via 1.1 b530298a539e971cee361eb408cead3a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish x-browser chrome x-ecma-v modern x-browser-version 131 accept-ranges bytes access-control-allow-origin * content-length 1693 x-amz-cf-pop IAD61-P4 server envoy
GET H2	200	playPauseLoadingControl.js Show response fast.wistia.net/assets/external/	83 KB 22 KB	34ms 19ms	Script text/javascript	2a04:4e42:200::644 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.net/assets/external/playPauseLoadingControl.js Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/E-v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5391ba1ea0e305e29df1bc7c1cea8d264ae924843ba6672cc7d504b1fb53f40e Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://bonus.gifts Referer Response headers content-encoding br etag "7211c50b3c11a1498b4d02fe842c57d0" age 5 access-control-allow-methods GET, HEAD x-cache HIT, HIT date Fri, 20 Dec 2024 13:36:17 GMT last-modified Thu, 19 Dec 2024 22:35:23 GMT x-served-by cache-iad-kiad7000116-IAD, cache-yul1970074-YUL x-cache-hits 40, 1 content-type text/javascript vary Accept-Encoding strict-transport-security max-age=0 cache-control public, max-age=3600 timing-allow-origin * x-timer S1734701778.636200,VS0,VE1 via 1.1 varnish, 1.1 varnish x-browser chrome x-ecma-v modern x-browser-version 131 accept-ranges bytes access-control-allow-origin * content-length 22489 asset-version 110dfcbd451a80169d4be508913059c2aeab9ad9 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	63efe4f7ce4d8fca48a062930f93f713.webp embed-ssl.wistia.com/deliveries/	16 KB 16 KB	238ms 51ms	Image image/webp	2600:9000:2305:6000:1e:c86:4140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://embed-ssl.wistia.com/deliveries/63efe4f7ce4d8fca48a062930f93f713.webp?image_crop_resized=540x743 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2305:6000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software envoy / Resource Hash 72b105eab2955e4d7fe0acc4a63639c026067bd66893395c8e7f84689d29d55a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers surrogate-key 63efe4f7ce4d8fca48a062930f93f713 thumbnail-delivery etag HfJ0LhrqDEpCEdXdTcIWQ-zv6u8= age 441391 access-control-request-method * x-cache Hit from cloudfront x-amz-cf-id bkrRP_uSCivtMlWNftQVFWyqobjf6PXcXsVhzwpLDbrKcDEPDDaqcQ== date Sun, 15 Dec 2024 10:59:46 GMT content-type image/webp content-disposition inline vary Origin last-modified Tue, 30 Jul 2024 17:26:36 UTC edge-cache-tag 63efe4f7ce4d8fca48a062930f93f713 cache-control max-age=31536000 x-envoy-upstream-service-time 155 x-cdn cloudfront via 1.1 573f3bf892e6baf323888f7038237db2.cloudfront.net (CloudFront) accept-ranges none x-amz-cf-pop IAD89-P2 server envoy
GET H3	200	favicon.ico bonus.gifts/assets/img/	32 KB 32 KB	61ms 56ms	Other image/x-icon	184.107.11.4 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://bonus.gifts/assets/img/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 184.107.11.4 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS mtlr101.websitehostserver.net Software / Resource Hash bda0ab29a33322dcc294aa8d911b1f627a6a587415c98f34d1329e2894671b3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=1333600, public etag "066cd58a7-0;;;" x-content-type-options nosniff expires Fri, 27 Dec 2024 13:36:16 GMT accept-ranges bytes content-length 32988 date Fri, 20 Dec 2024 13:36:16 GMT content-type image/x-icon last-modified Tue, 27 Aug 2024 04:40:07 GMT x-frame-options SAMEORIGIN
GET H2	200	hls_video.js Show response fast.wistia.net/assets/external/engines/	520 KB 128 KB	30ms 29ms	Script text/javascript	2a04:4e42:200::644 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.net/assets/external/engines/hls_video.js Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/E-v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash dc8100597827a188e39056320ab8ba9428cc9272cd74f8cd132d5854b6ca5822 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://bonus.gifts Referer Response headers content-encoding br etag "1c8901016542a7d2e6a106a0fce0a7a5" age 41 access-control-allow-methods GET, HEAD x-cache HIT, HIT date Fri, 20 Dec 2024 13:36:17 GMT last-modified Thu, 19 Dec 2024 22:35:23 GMT x-served-by cache-iad-kiad7000171-IAD, cache-yul1970074-YUL x-cache-hits 53, 2 content-type text/javascript vary Accept-Encoding strict-transport-security max-age=0 cache-control public, max-age=3600 timing-allow-origin * x-timer S1734701778.922196,VS0,VE0 via 1.1 varnish, 1.1 varnish x-browser chrome x-ecma-v modern x-browser-version 131 accept-ranges bytes access-control-allow-origin * content-length 130861 asset-version 110dfcbd451a80169d4be508913059c2aeab9ad9 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	blank.gif fast.wistia.net/assets/images/	1 KB 1 KB	36ms 20ms	Image image/gif	2a04:4e42:200::644 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://fast.wistia.net/assets/images/blank.gif Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/engines/hls_video.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://bonus.gifts Referer https://bonus.gifts/ Response headers etag "fbdc4ed9a1e2ee4917a265306927bcf1" age 889 access-control-allow-methods GET, HEAD x-cache HIT, HIT date Fri, 20 Dec 2024 13:36:18 GMT last-modified Wed, 10 May 2023 19:48:54 GMT x-served-by cache-iad-kjyo7100102-IAD, cache-yul1970074-YUL x-cache-hits 902526, 7 content-type image/gif vary Accept-Encoding strict-transport-security max-age=0 cache-control public, max-age=3600 timing-allow-origin * x-timer S1734701778.133345,VS0,VE0 via 1.1 varnish, 1.1 varnish x-browser chrome x-ecma-v modern x-browser-version 131 accept-ranges bytes access-control-allow-origin * content-length 1214 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	zl182ix3h7.m3u8 Show response fast.wistia.com/embed/medias/	754 B 1 KB	113ms 24ms	XHR application/x-mpegurl	2a04:4e42:200::644 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.com/embed/medias/zl182ix3h7.m3u8 Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/engines/hls_video.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software envoy / Resource Hash ad8fbe68eff57537df605578a0c12a9a7b47ff34480e4890fc10ae97973b3ade Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers x-request-id 777efd43-2f00-4e5f-847b-3bdd5a17b836 etag W/"ad8fbe68eff57537df605578a0c12a9a" age 130870 x-permitted-cross-domain-policies none x-content-type-options nosniff x-cache Miss from cloudfront, HIT, HIT x-amz-cf-id Syl0genzs29yO42NlxIIPm8h5DSXVPeNYcIPNW9Y3iREzGrfeSS3Mw== date Fri, 20 Dec 2024 13:36:18 GMT content-type application/x-mpegURL x-served-by cache-iad-kcgs7200178-IAD, cache-yul1970027-YUL x-runtime 0.033983 x-cache-hits 5, 0 vary Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override strict-transport-security max-age=0 cache-control public, no-cache timing-allow-origin * x-envoy-upstream-service-time 36 x-timer S1734701778.220676,VS0,VE1 via 1.1 7188701415bacec1212330181f9c1646.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish x-browser chrome x-ecma-v modern x-browser-version 131 accept-ranges bytes access-control-allow-origin * content-length 754 x-amz-cf-pop IAD61-P4 server envoy
GET H2	200	a3591ba5e949a37083cc6f5a4191e903.min.js Show response js.sentry-cdn.com/	3 KB 2 KB	88ms 24ms	Script text/javascript	2a04:4e42:600::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/E-v1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6b6ad0b3f913c82212455cde1700e6fc51006ff564eb4260ec9942fd53bb06f6 Security Headers Name Value Content-Security-Policy frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'none'; worker-src blob:; base-uri 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; font-src * data:; style-src * 'unsafe-inline'; frame-ancestors 'self' *.sentry.io; default-src 'none'; media-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=1237fb95e943a409d18873902b77755075c7e81e Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://bonus.gifts Referer https://bonus.gifts/ Response headers content-encoding gzip age 29 x-envoy-attempt-count 1 x-content-type-options nosniff date Fri, 20 Dec 2024 13:36:18 GMT content-type text/javascript x-served-by frontend-misc-b9d998644-27s47, cache-chi-klot8100079-CHI, cache-yul1970029-YUL vary Accept-Encoding x-frame-options deny strict-transport-security max-age=31536000; includeSubDomains content-security-policy frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'none'; worker-src blob:; base-uri 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; font-src * data:; style-src * 'unsafe-inline'; frame-ancestors 'self' *.sentry.io; default-src 'none'; media-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=1237fb95e943a409d18873902b77755075c7e81e cache-control public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 timing-allow-origin * x-envoy-upstream-service-time 21 accept-ranges bytes access-control-allow-origin * content-length 1331 x-xss-protection 1; mode=block
POST H2	200	mput Show response pipedream.wistia.com/	2 B 329 B	186ms 42ms	Fetch text/plain	2600:9000:27c8:7400:3:471f:5240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pipedream.wistia.com/mput?topic=metrics Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/E-v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:27c8:7400:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software envoy / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://bonus.gifts/ Response headers x-envoy-upstream-service-time 0 access-control-allow-methods POST, OPTIONS via 1.1 beec8df5d3c3defd412e08f4a26fcf0c.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront content-length 2 x-amz-cf-id V3ULMj6m9Qyce8OVDcDuY_ry18W-_qLT9GdnzHmClJzeXnoNF4h_Sg== date Fri, 20 Dec 2024 13:36:18 GMT content-type text/plain; charset=utf-8 x-amz-cf-pop IAD61-P6 server envoy
GET H2	200	a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0.m3u8 Show response embed-cloudfront.wistia.com/deliveries/	488 B 1 KB	181ms 40ms	XHR application/vnd.apple.mpegurl	2600:9000:2305:8e00:1e:c86:4140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://embed-cloudfront.wistia.com/deliveries/a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0.m3u8 Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/engines/hls_video.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2305:8e00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software envoy / Resource Hash 4170499dc0d321e176bdd255075478285b2ca20b22372afe5a3b5035a20f81e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers access-control-expose-headers Server,range,Content-Length,Content-Range,x-cdn surrogate-key a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0-hls-segment age 116137 expires Fri, 19 Dec 2025 05:20:41 GMT x-cache Hit from cloudfront x-amz-cf-id RXSbObf8JF-lbiAHJviPUnFhte60QdGd1mITTCARwxhhD9L5O13yVg== date Thu, 19 Dec 2024 05:20:41 GMT content-type application/vnd.apple.mpegurl last-modified Mon, 05 Nov 2018 10:11:00 GMT edge-cache-tag a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0-hls-segment cache-control max-age=31536000 x-envoy-upstream-service-time 114 x-cdn cloudfront via 1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 488 x-amz-cf-pop IAD89-P2 server envoy
POST H2	204	x distillery.wistia.com/	0 0	189ms 42ms	Fetch	18.165.98.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://distillery.wistia.com/x Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/E-v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.80 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-80.iad55.r.cloudfront.net Software envoy / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://bonus.gifts/ Response headers cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 via 1.1 ddd3d8441374ce62d11d031216138152.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront x-amz-cf-id LAoRJ-fl76YRp8dkknzj-HnpFJxc2RQCupiuwJBG3hDlT_IfnMK9_g== date Fri, 20 Dec 2024 13:36:18 GMT x-amz-cf-pop IAD55-P4 server envoy
GET H2	200	bundle.min.js Show response browser.sentry-cdn.com/8.47.0/	72 KB 25 KB	37ms 27ms	Script application/javascript	2a04:4e42:600::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://browser.sentry-cdn.com/8.47.0/bundle.min.js Requested by Host: js.sentry-cdn.com URL: https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash c1b17481511add5ef4d6427a723982afa35507b368b325e829c3537ac2f75757 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://bonus.gifts Referer https://bonus.gifts/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=31536000 content-encoding gzip etag "aada5065c1ac5e6a25afc4e27171a63f" age 160188 expires Thu, 18 Dec 2025 17:06:29 GMT accept-ranges bytes access-control-allow-origin * content-length 25255 date Fri, 20 Dec 2024 13:36:18 GMT last-modified Wed, 18 Dec 2024 16:03:18 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding server Fastly
GET H2	200	seg-1-v1-a1.ts Show response embed-cloudfront.wistia.com/deliveries/a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0.m3u8/	594 KB 595 KB	43ms 39ms	XHR video/mp2t	2600:9000:2305:8e00:1e:c86:4140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://embed-cloudfront.wistia.com/deliveries/a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0.m3u8/seg-1-v1-a1.ts Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/engines/hls_video.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2305:8e00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software envoy / Resource Hash 80c666ed7a69ce75852d73410cb691001e6fc7906613a5d1e180e7bba793cd41 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bonus.gifts/ Response headers access-control-expose-headers Server,range,Content-Length,Content-Range,x-cdn surrogate-key a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0-hls-segment age 7963 expires Sat, 20 Dec 2025 11:23:35 GMT x-cache Hit from cloudfront x-amz-cf-id Z0h1vLa3ALfyakAYwsavqArRZM2h9ZANiB4vmzywvuYSR95nG_zepQ== date Fri, 20 Dec 2024 11:23:35 GMT content-type video/MP2T last-modified Mon, 05 Nov 2018 10:11:00 GMT edge-cache-tag a4c740c152f5dc065f2ba5959ff8e8df9d42e3a0-hls-segment cache-control max-age=31536000 x-envoy-upstream-service-time 197 x-cdn cloudfront via 1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 607992 x-amz-cf-pop IAD89-P2 server envoy
POST H2	200	mput Show response pipedream.wistia.com/	2 B 328 B	41ms 35ms	Fetch text/plain	2600:9000:27c8:7400:3:471f:5240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pipedream.wistia.com/mput?topic=metrics Requested by Host: fast.wistia.net URL: https://fast.wistia.net/assets/external/E-v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:27c8:7400:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software envoy / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://bonus.gifts/ Response headers x-envoy-upstream-service-time 1 access-control-allow-methods POST, OPTIONS via 1.1 beec8df5d3c3defd412e08f4a26fcf0c.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront content-length 2 x-amz-cf-id JTIe63WY2pJtT8336PBDf-gQiDWJaTd0Xum1KppPUkb4GlqHOsli5w== date Fri, 20 Dec 2024 13:36:18 GMT content-type text/plain; charset=utf-8 x-amz-cf-pop IAD61-P6 server envoy

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| geotargetly_loaded object| _qs function| parseQuery function| setParam object| videoIds object| _wq number| countdownTime number| countdownInterval object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| wistiaEmbeds object| Sentry object| __SENTRY__ string| SENTRY_SDK_SOURCE

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bonus.gifts/assets/img/play-button.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bonus.gifts/geo-modal/geo-modal.html Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bonus.gifts
browser.sentry-cdn.com
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
g1386590346.co
js.sentry-cdn.com
pipedream.wistia.com
winnerwinner.net
18.165.98.80
184.107.11.4
2600:1901:0:7d2::
2600:9000:2305:6000:1e:c86:4140:93a1
2600:9000:2305:8e00:1e:c86:4140:93a1
2600:9000:27c8:7400:3:471f:5240:93a1
2607:f8b0:4004:c1d::5f
2a04:4e42:200::644
2a04:4e42:600::729
35.214.123.39
22b60bd14cdae7aa9e0079e914517f1d7e318cbe8a48669929d5e92336666fde
4170499dc0d321e176bdd255075478285b2ca20b22372afe5a3b5035a20f81e3
4beb5bfc1bce94be21713c59736c314d56ee43b9407ad8127661990507c5b3e6
5391ba1ea0e305e29df1bc7c1cea8d264ae924843ba6672cc7d504b1fb53f40e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6b6ad0b3f913c82212455cde1700e6fc51006ff564eb4260ec9942fd53bb06f6
72b105eab2955e4d7fe0acc4a63639c026067bd66893395c8e7f84689d29d55a
7c10b3e89fbb90aef9f8d11202d18ab1e806c504f88bf0f323140a4096191f72
80c666ed7a69ce75852d73410cb691001e6fc7906613a5d1e180e7bba793cd41
8202338eefc6fc840617aa78be32ff43747dcf6ef00dc0acd5221669567fc682
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ad8fbe68eff57537df605578a0c12a9a7b47ff34480e4890fc10ae97973b3ade
bda0ab29a33322dcc294aa8d911b1f627a6a587415c98f34d1329e2894671b3a
c1b17481511add5ef4d6427a723982afa35507b368b325e829c3537ac2f75757
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
dc8100597827a188e39056320ab8ba9428cc9272cd74f8cd132d5854b6ca5822
dd5527dd75411eba0dec603fa7387de472360595c8613bb4f1d12fd6377a6256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7bb5dee7bfd3062210d9082389fdd5937053d85d55f8a5441da4dc6fbdad54
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d