Submitted URL: https://hello.redeemitems.com/go/liyus
Effective URL: https://hello.redeemitems.com/new/
Submission: On November 01 via api from US — Scanned from FI

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 24 HTTP transactions. The main IP is 65.109.110.88, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is hello.redeemitems.com.
TLS certificate: Issued by E5 on October 18th 2024. Valid for: 3 months.
This is the only time hello.redeemitems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 65.109.110.88 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:275... 16509 (AMAZON-02)
1 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:214... 16509 (AMAZON-02)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.129 16276 (OVH)
24 9
Apex Domain | Subdomains | Transfer
13 redeemitems.com | hello.redeemitems.com | 111 KB
6 cloudfront.net | d9cshxmf0qazr.cloudfront.net, d3ept9mddcbuhi.cloudfront.net | 27 KB
2 histats.com | s10.histats.com (Cisco Umbrella Rank: 12259), s4.histats.com (Cisco Umbrella Rank: 12449) | 5 KB
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1113) | 56 KB
1 gstatic.com | encrypted-tbn0.gstatic.com | 3 KB
1 medium.com | miro.medium.com (Cisco Umbrella Rank: 16623) | 108 KB
1 blogspot.com | new-viral365.blogspot.com | 15 KB
24 7
Domain Requested by
13 hello.redeemitems.com 1 redirects new-viral365.blogspot.com
hello.redeemitems.com
5 d3ept9mddcbuhi.cloudfront.net d9cshxmf0qazr.cloudfront.net
1 s4.histats.com s10.histats.com
1 s10.histats.com hello.redeemitems.com
1 maxcdn.bootstrapcdn.com hello.redeemitems.com
1 encrypted-tbn0.gstatic.com hello.redeemitems.com
1 miro.medium.com hello.redeemitems.com
1 d9cshxmf0qazr.cloudfront.net hello.redeemitems.com
1 new-viral365.blogspot.com
24 9

This site contains no links.

Subject | Issuer | Validity | Valid for
misc-sni.blogspot.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
www.hello.redeemitems.com | E5 | 2024-10-18 - 2025-01-16 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
medium.com | Cloudflare Inc ECC CA-3 | 2024-02-16 - 2024-12-31 | a year
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
bootstrapcdn.com | WE1 | 2024-09-20 - 2024-12-19 | 3 months
s10.histats.com | WE1 | 2024-10-05 - 2025-01-03 | 3 months
histats.com | R11 | 2024-10-30 - 2025-01-28 | 3 months

This page contains 2 frames:

Primary Page: https://hello.redeemitems.com/new/
Frame ID: 483D6B2AAE20AC4555F80FFCC31D68A8
Requests: 23 HTTP requests in this frame

Frame: https://d3ept9mddcbuhi.cloudfront.net/public/ct?cpguid=&pr=0&it=4386723&w=1600&h=1200&key=d7fbd&m=0&r=%1D%01%01%05%06OZZ%1B%10%02X%03%1C%07%14%19FC@%5B%17%19%1A%12%06%05%1A%01%5B%16%1A%18Z
Frame ID: E6022716AB0865BDF4FEA10EC2088293
Requests: 1 HTTP requests in this frame

Page Title

Watch Trending Leaked Viral Full Video

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 67 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 5
Transfer: 325 kB
Size: 698 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hello.redeemitems.com/go/liyus HTTP 307
    https://new-viral365.blogspot.com/ Page URL
  2. https://hello.redeemitems.com/new/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://hello.redeemitems.com/go/liyus HTTP 307
  • https://new-viral365.blogspot.com/

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
new-viral365.blogspot.com/
Redirect Chain
  • https://hello.redeemitems.com/go/liyus
  • https://new-viral365.blogspot.com/
71 KB
15 KB
Document
General
Full URL
https://new-viral365.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
15108
content-type
text/html; charset=UTF-8
date
Fri, 01 Nov 2024 23:14:16 GMT
etag
W/"8699032c01a798ef028c8a4c06fd70207d012aa1f042cff3ca2dc931cdd5ddb4"
expires
Fri, 01 Nov 2024 23:14:16 GMT
last-modified
Tue, 29 Oct 2024 18:07:02 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-type
text/html; charset=UTF-8
date
Fri, 01 Nov 2024 23:14:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
location
https://new-viral365.blogspot.com/
pragma
no-cache
server
nginx/1.27.2
strict-transport-security
max-age=31536000
x-cache
HIT from Backend
x-content-type-options
nosniff
x-redirect-by
WordPress
x-redirect-powered-by
https://www.betterlinks.io/
x-robots-tag
sponsored, noindex, nofollow
x-xss-protection
1; mode=block
Primary Request /
hello.redeemitems.com/new/
15 KB
4 KB
Document
General
Full URL
https://hello.redeemitems.com/new/
Requested by
Host: new-viral365.blogspot.com
URL: https://new-viral365.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
a4aa8f40c4e9114c0462f38455cc979f7f9b64d1522f18cdc3ce4976e8752d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://new-viral365.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, s-maxage=10
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 01 Nov 2024 23:14:16 GMT
server
nginx/1.27.2
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
HIT from Backend
x-content-type-options
nosniff
x-mod-pagespeed
1.13.35.2-0
x-xss-protection
1; mode=block
7156dda.js
d9cshxmf0qazr.cloudfront.net/
26 KB
7 KB
Script
General
Full URL
https://d9cshxmf0qazr.cloudfront.net/7156dda.js
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:600:d:dd3d:89c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e5a5f2f94969f8ffc45bfc7f31e7fb87fe57193aa325efff901ab5a9d01c5eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

content-encoding
br
etag
W/"f15e91e549ad0dd401be0dbc95bf744d"
age
1238
via
1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
x-cache
Error from cloudfront
x-amz-cf-id
N2t_cIcXjnurAEBDvoCZRavs_rrHo3hJzETv039q29iFndFKuOjNkA==
date
Fri, 01 Nov 2024 22:53:45 GMT
content-type
application/javascript
last-modified
Sun, 22 Sep 2024 12:20:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
bootstrap.min.css
hello.redeemitems.com/new/assets/css/
141 KB
20 KB
Stylesheet
General
Full URL
https://hello.redeemitems.com/new/assets/css/bootstrap.min.css
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
f1fd53524e47bcb31789dbb734a7f74a133ad56cf0c57ba8e2eddcdc12315a15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"631a7fd6-235f1"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Thu, 08 Sep 2022 23:50:46 GMT
server
nginx/1.27.2
vary
Accept-Encoding
font-awesome.min.css
hello.redeemitems.com/new/maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://hello.redeemitems.com/new/maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
06ff1ad380e219ec72e9fc841313cae364dab0d84a366f292104f6ac81659035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-5dde"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
style.css
hello.redeemitems.com/new/assets/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://hello.redeemitems.com/new/assets/css/style.css
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
49e0cd2748a5e48b28056987ae3c05827402197ce17ff27ce3818990d42718e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"631a81fe-2128"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Thu, 08 Sep 2022 23:59:58 GMT
server
nginx/1.27.2
vary
Accept-Encoding
1*Xel6x-q83vAP8cYyHni4iA.png
miro.medium.com/v2/resize:fit:1158/
107 KB
108 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:1158/1*Xel6x-q83vAP8cYyHni4iA.png
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da99e6096b2185c9a334d0330010f3bf5abe4c227d9c16ba29b8b675392471c
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

x-request-id
4b405b95-7f9a-9f22-abc4-fcd0aad8e787
cf-cache-status
HIT
etag
"cqtely3GIqOZyP5_A2hsPlu_mL2gu3baYkZxlvQ7iVE/RIjVkZTk3YWM3ZWFiY2RlZjAwZmYxYzYzMjFlNzhiODg4Ig"
age
412065
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 23:14:16 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 23:14:16 GMT
content-type
image/png
content-disposition
inline; filename="1*Xel6x-q83vAP8cYyHni4iA.png"
medium-fulfilled-by
miro-v2/main-20241009-233003-5bd962093e
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
153
x-envoy-decorator-operation
miro.miro-production.svc.cluster.local:80/*
cf-ray
8dbf948629eb4e12-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
109964
server
cloudflare
devices_pc.png
hello.redeemitems.com/new/assets/img/channels/
681 B
692 B
Image
General
Full URL
https://hello.redeemitems.com/new/assets/img/channels/devices_pc.png
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
45d83e50760557547653ede73727bac3925ae841e92095210c6df0be87fbc56c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-2a9"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
apple_pc.png
hello.redeemitems.com/new/assets/img/channels/
4 KB
4 KB
Image
General
Full URL
https://hello.redeemitems.com/new/assets/img/channels/apple_pc.png
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
b520df6dd615d3be012d98b9c1272944fae7b440181116b1f331641ba6e45f2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-11ad"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
android_pc.png
hello.redeemitems.com/new/assets/img/channels/
4 KB
4 KB
Image
General
Full URL
https://hello.redeemitems.com/new/assets/img/channels/android_pc.png
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
ae442f714ccab6c299bc6c6a06448ec3be1da73c7cc75eeae7e3062e688fd5ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-edf"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
chromecast_pc.png
hello.redeemitems.com/new/assets/img/channels/
2 KB
3 KB
Image
General
Full URL
https://hello.redeemitems.com/new/assets/img/channels/chromecast_pc.png
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
559239226f470da8d5d064a6d62566920ecfe3419bd875e14240cad7efb818a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-9ea"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
images
encrypted-tbn0.gstatic.com/
2 KB
3 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQJi-iuiJMGkIKV5omx6lwaGLTtzdegVbjX8Q&usqp=CAU
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a2a4dc4a3c14c9ddfe995b329a66ad9582163f3bd5003e196bfdb0c36dd0bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

age
44065
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 10:59:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 10:59:51 GMT
last-modified
Fri, 20 Sep 2019 16:49:34 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
2149
x-xss-protection
0
server
sffe
jquery.min.js
hello.redeemitems.com/new/assets/js/
86 KB
30 KB
Script
General
Full URL
https://hello.redeemitems.com/new/assets/js/jquery.min.js
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-15851"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
bootstrap.min.js
hello.redeemitems.com/new/assets/js/
48 KB
13 KB
Script
General
Full URL
https://hello.redeemitems.com/new/assets/js/bootstrap.min.js
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
b00834c17c50af103e353ef86a69d90bbcaa819ed92b4d6ed670a425514e3c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-bf36"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:16 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
htmlxf.4386723.d7fbd.0.js
d3ept9mddcbuhi.cloudfront.net/public/external/v2/
10 KB
11 KB
Script
General
Full URL
https://d3ept9mddcbuhi.cloudfront.net/public/external/v2/htmlxf.4386723.d7fbd.0.js
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/7156dda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6a00:8:5427:c580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
879d0b828158eec044eda57ca7bb9c3833450db4d17dee39ea07176a62036b81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
VUqq6fX6vS-riWb9kW016NB3NUkVmwnd0kuERwidEHFnv0Z8I62dhA==
date
Fri, 01 Nov 2024 23:14:17 GMT
content-type
application/javascript
x-powered-by
PHP/7.4.11
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
css_frontXF.css
d3ept9mddcbuhi.cloudfront.net/public/external/
6 KB
6 KB
Stylesheet
General
Full URL
https://d3ept9mddcbuhi.cloudfront.net/public/external/css_frontXF.css
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/7156dda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6a00:8:5427:c580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
60a0f85900cf8e56c1607c8c120f68064a4f8d22a40637b224774cb611e93c2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

etag
"17f6-60315f0399d35"
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
6134
x-amz-cf-id
-VGYNaD7XWIPhgO2rqEV_5vPZs6WCglSA2QQs09T22teJvR3YWgyGg==
date
Fri, 01 Nov 2024 23:14:17 GMT
content-type
text/css
last-modified
Thu, 17 Aug 2023 03:23:39 GMT
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/
55 KB
56 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hello.redeemitems.com
Referer
https://hello.redeemitems.com/

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"97493d3f11c0a3bd5cbd959f5d19b699"
age
412065
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 23:14:17 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat
10/31/2023 18:48:19
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
677c0bb9e6029853db299bfab233e133
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8dbf94896c248d5e-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
56780
cdn-edgestorageid
722
server
cloudflare
cdn-requestcountrycode
DE
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: hello.redeemitems.com
URL: https://hello.redeemitems.com/new/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
73886
cf-ray
8dbf9489cb148db0-HEL
accept-ranges
bytes
content-length
4547
date
Fri, 01 Nov 2024 23:14:17 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
0.php
s4.histats.com/stats/
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4905220&@f16&@g1&@h1&@i1&@j1730502857280&@k0&@l1&@mWatch%20Trending%20Leaked%20Viral%20Full%20Video&@n0&@ohttps%3A%2F%2Fnew-viral365.blogspot.com%2F&@q0&@r0&@s0&@tfi-FI&@u1600&@b1:-68898641&@b3:1730502857&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fhello.redeemitems.com%2Fnew%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
8c9fa1cf9b66d5ea726c1d048d616590d40add5112b6aa0f83bbe281ea4bcb2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

Content-Length
51
Date
Fri, 01 Nov 2024 23:14:17 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
cssXF.css
d3ept9mddcbuhi.cloudfront.net/public/clockers/PrimeApps/
2 KB
2 KB
Stylesheet
General
Full URL
https://d3ept9mddcbuhi.cloudfront.net/public/clockers/PrimeApps/cssXF.css
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/7156dda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6a00:8:5427:c580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
e6959d5cfed508bcc278587c05b26b361bc678f8a7f0502ca6f8ce01f2838cd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

etag
"70c-6031617008ead"
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
1804
x-amz-cf-id
SyTgJGhb2y-IKpCAgkvp9CJdsi0N467bT1nDFTcSulSy755CyrAvJQ==
date
Fri, 01 Nov 2024 23:14:17 GMT
content-type
text/css
last-modified
Thu, 17 Aug 2023 03:34:30 GMT
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1
favicon.png
hello.redeemitems.com/new/
36 KB
23 KB
Other
General
Full URL
https://hello.redeemitems.com/new/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
9f8d2130f7071be7671bc92639d545713bf85403cc80a371e6f71c6333a9282b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-90a8"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:17 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
favicon.png
hello.redeemitems.com/new/
36 KB
0
Other
General
Full URL
https://hello.redeemitems.com/new/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
65.109.110.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.bitsboxhost.com
Software
nginx/1.27.2 /
Resource Hash
9f8d2130f7071be7671bc92639d545713bf85403cc80a371e6f71c6333a9282b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/new/

Response headers

cache-control
max-age=315360000
content-encoding
gzip
etag
W/"61165a84-90a8"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
HIT from Backend
date
Fri, 01 Nov 2024 23:14:17 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 13 Aug 2021 11:41:56 GMT
server
nginx/1.27.2
vary
Accept-Encoding
ct
d3ept9mddcbuhi.cloudfront.net/public/ Frame E602
0
0
Document
General
Full URL
https://d3ept9mddcbuhi.cloudfront.net/public/ct?cpguid=&pr=0&it=4386723&w=1600&h=1200&key=d7fbd&m=0&r=%1D%01%01%05%06OZZ%1B%10%02X%03%1C%07%14%19FC@%5B%17%19%1A%12%06%05%1A%01%5B%16%1A%18Z
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/7156dda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6a00:8:5427:c580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash

Request headers

Referer
https://hello.redeemitems.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-transform
content-type
text/html; charset=UTF-8
date
Fri, 01 Nov 2024 23:14:18 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
via
1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-id
0szRwZ-6DK_0CoLg1ObCP3dtyYyXXMs27QU8205KUDTx65F_lIbyTg==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
x-powered-by
PHP/7.4.11
check.php
d3ept9mddcbuhi.cloudfront.net/public/external/
86 B
379 B
Script
General
Full URL
https://d3ept9mddcbuhi.cloudfront.net/public/external/check.php?it=4386723&time=1730502859633
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/7156dda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6a00:8:5427:c580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
7210e320c8e355ff714491a63b0af94b23bf1dce368ee6e1455000c368a125b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hello.redeemitems.com/

Response headers

via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
86
x-amz-cf-id
ozDnmfpha3vC2odKmFpAj_a-7saFnlx14SidZqBdFZURGPJUiPP3jw==
date
Fri, 01 Nov 2024 23:14:19 GMT
content-type
application/javascript
x-powered-by
PHP/7.4.11
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA53-C1

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ZAnYS_rZS_vpJRVc object| xfContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| xfLock function| xfGetFeedURL function| xfGetIframeURL function| xfGetIframeHTML function| xfUnlock function| xfOfferComplete function| xfOffersComplete function| xfCheckForLead function| xfComplete function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| CPABuildComplete function| _RH function| _Vm function| _uj function| _Ew function| _HW function| _oy function| _Jf function| _Mz function| _EQ function| _ZU function| _lL function| _yk function| _Tm function| _Ht function| _nS function| _Xy function| _qr function| _Tt function| _du function| _OS function| _Ts function| _ET function| _om function| _Wi function| _xb function| _GK function| _CS function| _kt function| _iE function| _Ut function| _yi function| _TR function| _iD function| _aj function| _lI function| _Ri function| _Th function| _gD function| _iH function| _ff function| _uG function| _KE function| _VR function| _HL function| _VX function| _Nr function| _di function| _Ul function| _WT function| _Cd function| _cy function| _jb function| _tx function| _Yf function| _zl function| _Pg function| _CJ function| _Jl function| _GX function| _nO function| _JF function| _KB function| _VU function| _MS function| _cn function| _xA function| _Kx function| _eN function| _yy function| _bC function| _JW function| _cW function| _Cm function| _xY function| _Gi function| _Ns function| _bu function| _Ci function| _cZ function| _vH function| _ou function| _Tu function| _ux function| _xS function| _wg function| _vs function| _Nl function| _LF function| _gu function| _Yg function| _Hj function| _dS function| _VE function| _TG function| _qd function| _FD function| _rp function| _Hn function| _my function| _qW function| $ 
function| jQuery object| bootstrap function| launchIntoFullscreen function| exitFullscreen object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

11 Cookies

Domain/Path Name / Value
hello.redeemitems.com/ Name: betterlinks_visitor
Value: bl672560c7e6092
.medium.com/ Name: _cfuvid
Value: KzA0P1H27rHQw0WsdZpBwjjh3TuxehgvptZNU58HNHQ-1730502856680-0.0.1.1-604800000
hello.redeemitems.com/ Name: HstCfa4905220
Value: 1730502857280
hello.redeemitems.com/ Name: HstCla4905220
Value: 1730502857280
hello.redeemitems.com/ Name: HstCmu4905220
Value: 1730502857280
hello.redeemitems.com/ Name: HstPn4905220
Value: 1
hello.redeemitems.com/ Name: HstPt4905220
Value: 1
hello.redeemitems.com/ Name: HstCnv4905220
Value: 1
hello.redeemitems.com/ Name: HstCns4905220
Value: 1
hello.redeemitems.com/ Name: c_ref_4905220
Value: https%3A%2F%2Fnew-viral365.blogspot.com%2F
d3ept9mddcbuhi.cloudfront.net/ Name: avc
Value: 63bca778c7a1

3 Console Messages

Source: recommendation, Level: warning, URL: https://hello.redeemitems.com/new/
Message: [DOM] Found 2 elements with non-unique id #password: (More info: https://goo.gl/9p2vKq) %o %o
Source: recommendation, Level: verbose, URL: https://hello.redeemitems.com/new/
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
Source: recommendation, Level: verbose, URL: https://hello.redeemitems.com/new/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
