hitsxcash.com Open in urlscan Pro
2606:4700:3034::6815:1506 Public Scan

URL:
https://hitsxcash.com/
Submission: On May 19 via manual (May 19th 2021, 12:09:50 pm UTC) from PH

Summary HTTP 92 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 92 HTTP transactions. The main IP is 2606:4700:3034::6815:1506, located in United States and belongs to CLOUDFLARENET, US. The main domain is hitsxcash.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.

This is the only time hitsxcash.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3034::6815:1506	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:f820:425::3 2a00:f820:425::3	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
2	104.21.55.158 104.21.55.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	44.239.233.229 44.239.233.229	16509 (AMAZON-02) (AMAZON-02)
5	85.10.200.158 85.10.200.158	24940 (HETZNER-AS) (HETZNER-AS)
11	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	213.239.209.209 213.239.209.209	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
8	178.79.227.24 178.79.227.24	22822 (LLNW) (LLNW)
92	18

18 2606:4700:3034::6815:1506 (United States)

ASN13335 (CLOUDFLARENET, US)

hitsxcash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

ra.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rf.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.55.158 (United States)

ASN13335 (CLOUDFLARENET, US)

adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p3.adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.233.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-233-229.us-west-2.compute.amazonaws.com

counter1.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.10.200.158 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-200-158.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de

static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.79.227.24 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-24.vie.llnw.net

counter1-cdn-ssl.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com tpc.googlesyndication.com	300 KB
18	hitsxcash.com hitsxcash.com	353 KB
12	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	127 KB
11	revolvermaps.com ra.revolvermaps.com rf.revolvermaps.com	19 KB
10	fc2.com counter1.fc2.com counter1-cdn-ssl.fc2.com	6 KB
7	a-ads.com ad.a-ads.com static.a-ads.com	408 KB
6	googletagservices.com www.googletagservices.com	192 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.com adservice.google.com www.google.com	165 B
2	adhitzads.com adhitzads.com p3.adhitzads.com	1 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	406 B
1	paypalobjects.com www.paypalobjects.com	6 KB
92	13

	Domain	Requested by
18	hitsxcash.com	hitsxcash.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net hitsxcash.com c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
8	counter1-cdn-ssl.fc2.com	hitsxcash.com
6	ra.revolvermaps.com	hitsxcash.com ra.revolvermaps.com
6	www.googletagservices.com	hitsxcash.com pagead2.googlesyndication.com securepubads.g.doubleclick.net c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
5	ad.a-ads.com	hitsxcash.com c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
5	rf.revolvermaps.com	hitsxcash.com rf.revolvermaps.com
5	pagead2.googlesyndication.com	hitsxcash.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	hitsxcash.com www.google-analytics.com
2	static.a-ads.com	ad.a-ads.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	counter1.fc2.com	hitsxcash.com counter1.fc2.com
1	www.google.com	securepubads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	p3.adhitzads.com	adhitzads.com
1	www.paypalobjects.com	hitsxcash.com
1	adhitzads.com	hitsxcash.com
92	21

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
payeer.com
stripe.com
counter.fc2.com
www.revolvermaps.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.revolvermaps.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-04-28` - `2022-01-11`	9 months	crt.sh
*.fc2.com Amazon	`2021-04-10` - `2022-05-09`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://hitsxcash.com/
Frame ID: 6C7F9BC82C318DF1E66BC068EC4EA234
Requests: 52 HTTP requests in this frame

Frame: https://ad.a-ads.com/1152685?size=728x90&background_color=000000&text_color=ffffff&title_color=ffffff&link_color=ffffff
Frame ID: 65CC087419884EA03E022B161C2F6535
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1152679?size=250x250&background_color=000000&text_color=ffffff&title_color=ffffff&title_hover_color=ffffff&link_color=ffffff&link_hover_color=ffffff
Frame ID: B707C4C999751D67707987714CDF5945
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1152685?size=728x90
Frame ID: 2197D083248604BA032EED0F0015C2B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 89B1F42B37682FF170D223F1273F7BF2
Requests: 1 HTTP requests in this frame

Frame: https://ra.revolvermaps.com/w/6/a/b.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Frame ID: 566F3AA39DA2F8C83CBCBD54F1FE5504
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6101907629147976&output=html&adk=1812271804&adf=3025194257&lmt=1621426173&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhitsxcash.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621426173457&bpp=3&bdt=198&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=512161944409&frm=20&pv=2&ga_vid=1337564889.1621426174&ga_sid=1621426174&ga_hid=2135992764&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060710%2C31060840&oid=3&pvsid=4152840547011751&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=139
Frame ID: A5F3D990D7231ACC9F4019ACB2265E66
Requests: 1 HTTP requests in this frame

Frame: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BB1D7A4E7EB3B7FC0F1E2D39668ABF30
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5M3bbqCQTSxMJz-0lOFhMwlkDPF30O8rcbNeLB7O5i05gyH2SD-4FMdKSnz6wWl6mhFtpKASpA4AAfwM1y2JunLG7wx0s4MgRTBaxHdqhCLQomfUTDJZfCgHGqqHkKOGUIClV62XmsON5vwJPfXW4Hh2eWEb4u3wihszZ5ejj0zhX0N6Eo58dZhxrwcABwZS0W14aa3lNjTXo8mveeFgxZPq42WT99QArKOgaGSFVVYACmK-85twFelLwj4_1JALSYQiDsK_NwKrO2cbf9bMTO0-eK5PHBKnsFoArVwUf-DQ&sig=Cg0ArKJSzHCSgn1yJa2EEAE&adurl=
Frame ID: DD0D2D6E906E04E7F0F57DEF22E65312
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK1iR6978c2Es6ONPu6VWeWGsBhQqudCSrWKi_-YBMj7uqRdmyn-0mM-8bXH1bdnjNrOheNHWIRIyNoOpb_3GRGolWjj9scYc8wKzXBcspF0w0U1gIO-2B8JIWcZc2zXWZav2e3pytVivltQ3M9L18qQXnFh6zhyWw3z8oj-sgbc4Qo8cxqzQMXMJQ-DEBasnodoY82WNBJGrXKq9ZMFdSyxA_3n40FVVgQwOgT2HzrV23EJLquO7ilQ-JqPOCAE9pXepAEy5ioWnzApiHyoKn0uKtNvnMcI9AwCNw8GETTA&sig=Cg0ArKJSzF7ZoDPRwB6fEAE&adurl=
Frame ID: 86E0BCA122A43A88B553F1423296DDB0
Requests: 8 HTTP requests in this frame

Frame: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8F79AA50C0CF72A4148F8CB777655CD
Requests: 6 HTTP requests in this frame

Frame: https://ad.a-ads.com/1336649?size=300x250
Frame ID: 0E3E17F7A93B48C190CDA5B68B8851F3
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1336637?size=728x90
Frame ID: 26357CC6CAE6982E130FCE66030DF243
Requests: 1 HTTP requests in this frame

Frame: https://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Frame ID: 0637205AA279F4DD32EAC5A9596573E3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7DF253E50D78F3E584F3A09750EA332B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

92
Requests

100 %
HTTPS

59 %
IPv6

13
Domains

21
Subdomains

18
IPs

2
Countries

1432 kB
Transfer

2593 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paypal.com/
Title:

Search URL Search Domain Scan URL

URL: https://payeer.com/08366959
Title:

Search URL Search Domain Scan URL

URL: https://stripe.com/
Title:

Search URL Search Domain Scan URL

URL: https://counter.fc2.com/

Search URL Search Domain Scan URL

URL: https://www.revolvermaps.com/?target=enlarge&i=0wmj1wrp35c
Title: RevolverMaps Live Stats

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

92 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hitsxcash.com/ 13 KB
5 KB 265ms
238ms Document
text/html 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hitsxcash.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7c26cbada08081bb62c627fddcdf21f30b15a794949f01dde72ac00df2b1b53

Request headers

:method: GET
:authority: hitsxcash.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-type: text/html; charset=UTF-8
content-length: 4321
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate private, no-cache, no-store, proxy-revalidate, no-transform
pragma: no-cache no-cache
set-cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-request-id: 0a26210c5a00002b4d03332000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dAF5Ms8WwLhBojKLK0%2BWImRcfAh%2FK7B16tZuL53UPyi78Z%2BHWgss%2BfbihiHivS8BFXaeySbfJO6OzBETUJqZfYtusAmUcwYAJ7XjGSPyOrYb%2BQU53uifibgN"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 651d378d5bba2b4d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 style.css
hitsxcash.com/theme/dark/ 53 KB
8 KB 44ms
32ms Stylesheet
text/css 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d4639aab248e60f0134b4fbe21ad94db5b079f170e40f5d58e27eea7add427

Request headers

:path: /theme/dark/style.css?v=1.1.1
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 456652
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a26210d5800005363321d9000000001
last-modified: Fri, 18 Dec 2020 11:06:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UBdNGdwTY9miAq15nGUgD3gBOV9BwE3J3%2FSHuHykTucCfO7ufGQTfGuKuYQT9UKSsi%2BZ9ELPYGgpM6FGlslTFINgIkX0l1X8%2B20AcH%2FhVBXreUHfMhvi9pKL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800, proxy-revalidate
cf-ray: 651d378ef8735363-FRA
expires: Fri, 21 May 2021 05:18:40 GMT

GET
H3-29 200 jquery.js Show response
hitsxcash.com/js/ 82 KB
29 KB 57ms
45ms Script
application/javascript 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hitsxcash.com/js/jquery.js
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9945d7ebf431506391edb3431741c9007f4248bbb09dd451f54d67da1ef01e

Request headers

:path: /js/jquery.js
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 456652
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a26210d580000536316298000000001
last-modified: Sun, 14 Apr 2019 07:33:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=an4TWvVxLzsRZvM7Y7BXxFuhkh4YVs%2BA%2BV8F54L4Wuuo5YHCiHUiSERTGkhw814nxgg1zyETODHhDT6Rg1HNvhhqmbZwh8s1ZxrFebDM3AuHo8o%2FSi3OX%2BGk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800, proxy-revalidate
cf-ray: 651d378ef8765363-FRA
expires: Fri, 21 May 2021 05:18:40 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b90f5b80e8c6b23a42d1dcec8456b6dc7c5659bac6b94f8570758f34ef8c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "876 / 316 of 1000 / last-modified: 1621422696"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21268
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f488ba69b34a8b4d924f46e58cbbe62ad1031ee74af785d328ccb54c4cd9b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47946
x-xss-protection: 0
server: cafe
etag: 18260956113010957495
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H3-29 200 logo.png
hitsxcash.com/theme/dark/images/ 8 KB
9 KB 28ms
21ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/theme/dark/images/logo.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ed686f1bd077aa87d839427fc1785524d2d5ea942e0dd20bbdafa98bdfb44b

Request headers

:path: /theme/dark/images/logo.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271277
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8262
cf-request-id: 0a26210da000005363dea16000000001
last-modified: Mon, 15 Apr 2019 08:43:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o6LVLpoPc4w4dA3JO2GnQdk%2Fu%2FFZ8INQX2GzQ0dkYxHWUEMp0Nq%2BmjsFEeUXxmSnym2LjUTYCLbjH3NIFkqujAmP1PzTIVTxj2QFyqfsXBsOy2INEI5xaZcQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f69f35363-FRA
expires: Fri, 28 May 2021 05:14:56 GMT

GET
H/1.1 200
OK 6.js Show response
ra.revolvermaps.com/0/0/ 2 KB
1 KB 29ms
6ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/0/0/6.js?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4eb36b4ee54c1737b5489d7b05d3c88a9914c5828fbb7bb358165cee347437e8

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jun 2017 15:59:45 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 975

GET
H3-29 200 traffic-3.jpg
hitsxcash.com/img/ 35 KB
36 KB 20ms
14ms Image
image/jpeg 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/img/traffic-3.jpg
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13674337c0507935efb569e0e17c718c83c604a9410e343520db2249ca133dd

Request headers

:path: /img/traffic-3.jpg
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271277
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36053
cf-request-id: 0a26210da1000053630b1af000000001
last-modified: Sun, 05 May 2019 11:40:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W43JC2vj5U21MeCSnqYSKE1jMZBKpm1zP5badYmAx6En5YcRSXGiQ247dhZHkNviKZjmT8vmC756xTGIS6yYOm3vkQ6pa7JzSqiVIjd3sGUHMRENfft8fWSu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f69f85363-FRA
expires: Fri, 28 May 2021 05:14:56 GMT

GET
H3-29 200 Get-Instant-Access-Button-2.png
hitsxcash.com/img/ 17 KB
17 KB 34ms
27ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/img/Get-Instant-Access-Button-2.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5149cd6f510a974d58194fde5e095bc0472b91fda3f5616dd7653bd6a79c40

Request headers

:path: /img/Get-Instant-Access-Button-2.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271276
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17233
cf-request-id: 0a26210da100005363019f4000000001
last-modified: Sun, 05 May 2019 11:57:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T5vfA4XyOvZkr0%2BA0bUHHQEH3qHr7O1jqUw9hsaWrRbZLT2qlPO5wvtS0RAnMyZaAir5djKBSJ5hF9ObYOFytVZYZH1Um8WkjIetcxo0pQtBYxW9lD4I5Di7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f69fa5363-FRA
expires: Fri, 28 May 2021 05:14:57 GMT

GET
H3-29 200 banner.png
hitsxcash.com/img/ 77 KB
78 KB 30ms
24ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/img/banner.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d284bd418bf30e8d82d9aaf0eeae47d3849fec189e61d2be0bd75bf33ce16651

Request headers

:path: /img/banner.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271276
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79214
cf-request-id: 0a26210da100005363f4a7f000000001
last-modified: Sun, 05 May 2019 10:12:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vJoqpUZZt%2B73PT1T%2B2oWPTOthyVGk5P7eFlqCNRwRA3yPzE6MCixJIHysgxyZIgpsg%2F5y9eFBOwvtxT4Yvy5HzfsDEWGwa0Ge4oPdE19yObjp%2BHnZBVYWRWk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f69fb5363-FRA
expires: Fri, 28 May 2021 05:14:57 GMT

GET
H3-29 200 main.png
hitsxcash.com/img/ 93 KB
94 KB 36ms
30ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/img/main.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b0768d793bc792cd39e2c7344723829ee9e9789e2267ed8403502131997b67

Request headers

:path: /img/main.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271276
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95210
cf-request-id: 0a26210da300005363033cf000000001
last-modified: Wed, 12 Jun 2019 07:29:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=30UtPbASKp6uNige3u9V6aR2VTUl%2B2Hh7%2BjQjr4TZxu0VFd3vKuK0ExjW5nGwgYaxxAZF26A3cH931sxU%2Fd99K2f1dqBtYDBIwPIdW9pvlxUvcnid0fMxS8g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f69fe5363-FRA
expires: Fri, 28 May 2021 05:14:57 GMT

GET
H3-29 200 b-3813_648x60_kgh9tdjgyf.gif
hitsxcash.com/files/banners/ 36 KB
36 KB 42ms
37ms Image
image/gif 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/files/banners/b-3813_648x60_kgh9tdjgyf.gif
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8c9081fe27a1fa4e120eea7890c37edb35083a9b254cd70ad69f9e19caa84f

Request headers

:path: /files/banners/b-3813_648x60_kgh9tdjgyf.gif
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1364615
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36573
cf-request-id: 0a26210da100005363d92a3000000001
last-modified: Mon, 03 May 2021 16:53:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KCDu%2FzipaVe8rLGUoJV18X6ZdM10zx6U%2FEFMfx8HdcW89TbfGl0EIGMNUEstJZ670qz%2BGszf342K%2BdHGuxrAYlEkmegYFI0w%2FTjrX67zSDtmVt0F9y9Z6%2F%2Ft"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f6a005363-FRA
expires: Mon, 07 Jun 2021 17:05:58 GMT

GET
H3-29 200 b-3813_648x60_57e5zueb0um47h.jpg
hitsxcash.com/files/banners/ 28 KB
29 KB 46ms
41ms Image
image/jpeg 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/files/banners/b-3813_648x60_57e5zueb0um47h.jpg
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 920897495429ab8ca6c16d0022634319dc6516640d698e24e57b23e8639098cf

Request headers

:path: /files/banners/b-3813_648x60_57e5zueb0um47h.jpg
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2249190
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28879
cf-request-id: 0a26210da200005363d2968000000001
last-modified: Mon, 12 Apr 2021 22:20:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q4socZasWjt5EIoxSQcwkHl%2FYeAZNmNmx9nVwl9QHo8ub01XkPZORhAjT7Sa%2FaNY3XjFlCZrp%2BXkbSpGlsyEa1MchoWLpDhZK9JujUXLja%2B2trzUiccyNfvi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f6a025363-FRA
expires: Fri, 28 May 2021 11:23:03 GMT

GET
H2 200 1124911 Show response
adhitzads.com/ 448 B
897 B 76ms
37ms Script
text/html 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1124911
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc00c599aa0902fa44e23d4ab87ffeb9fbaa747e095275f985f0b771494cb12

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FcVpL8Oz07O3%2FCSk%2B9V27FTUDWtYvWp%2BiTwvQQCQYUuAD%2Br0q%2F1eXdKvIxnxf2CKlejX20DbXuxYU0PTBZVbktZoH48zhNzUks5pUbcS"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 651d378f7e8ac779-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a26210da80000c7796c9f0000000001
expires: Wed, 19 May 2021 13:09:33 GMT

GET
H2 200 PP_AcceptanceMarkTray-NoDiscover_243x40.png
www.paypalobjects.com/webstatic/mktg/logo/ 6 KB
6 KB 112ms
28ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/logo/PP_AcceptanceMarkTray-NoDiscover_243x40.png

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e1279beb885d2f50cf6eed4644a6b163d82f0445ab2b54b3503a57c23c645287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Apr 2021 03:32:52 GMT
server: Akamai Image Manager
etag: "MEpjsXjWUC1dpVtzNQCGaoVycXWtBA/v9SAlO0oAKa8"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 5668
expires: Thu, 20 May 2021 00:09:33 GMT

GET
H3-29 200 payeer.png
hitsxcash.com/img/ 5 KB
6 KB 47ms
42ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/img/payeer.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad40e4825640461c5fabaf7112e150acdf88d61536e7ec12fd96dd0c654eef2

Request headers

:path: /img/payeer.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271276
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5080
cf-request-id: 0a26210da200005363431ac000000001
last-modified: Sat, 03 Oct 2020 07:36:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MamOSdCCM9ROeOsrlFe93JwvFRA6q49yr%2BSVSkb7OL6LOl07H4l2R1qzJ18QjY1cGvboJotIht%2BLWCUjEQGrrVCg3XqBmareYDCJUpzZqGyIo1WQ5PWXBRds"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f6a045363-FRA
expires: Fri, 28 May 2021 05:14:57 GMT

GET
H3-29 200 stripe.png
hitsxcash.com/img/ 2 KB
3 KB 47ms
42ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/img/stripe.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6786a0ba78045e5ed921459a722b6b9d68c6abebed9f8d11f5a73cd333deab

Request headers

:path: /img/stripe.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271275
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2178
cf-request-id: 0a26210da200005363f51dd000000001
last-modified: Fri, 18 Dec 2020 11:22:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lPqUAzvJ3HLg1TvNpBJZyELNJ1B5g2YJdhI1Qc2P33YuYux%2B26R75VaIhC513OlYYINu7JLQ0puHkgU4%2BooxMXbU2Y%2BEfurafuFs0DU5KHKLRIBKw3dRajYN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f6a065363-FRA
expires: Fri, 28 May 2021 05:14:57 GMT

GET
H/1.1 200
Ok counter.php Show response
counter1.fc2.com/ 3 KB
2 KB 740ms
184ms Script
application/x-javascript 44.239.233.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter.php?id=89431230
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.233.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-233-229.us-west-2.compute.amazonaws.com
Software: nginx/1.5.7 /
Resource Hash: 88413e9da5b59b4976312fded3957047ad987f1b254916426e2fe96e167f7d79

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 12:09:34 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 1403
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 0.js Show response
rf.revolvermaps.com/0/0/ 1 KB
1 KB 26ms
6ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/0/0/0.js?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: c262f27abcd636af1c3c20b4b19c55e28b206e29b4c75269d3f1aed51710f81a

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Sep 2014 15:31:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 720

GET
H/1.1 200
OK 9.js Show response
ra.revolvermaps.com/0/0/ 1 KB
994 B 26ms
7ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/0/0/9.js?i=0wmj1wrp35c
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 94d3dd0782f347744d697af65457ec2b5d2cf770e1d7ce85aff3e00afd79a162

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Dec 2016 08:37:29 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 659

GET
H/1.1 200
OK 1152685 Show response
ad.a-ads.com/ Frame 65CC 6 KB
2 KB 95ms
38ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1152685?size=728x90&background_color=000000&text_color=ffffff&title_color=ffffff&link_color=ffffff

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

bdc8d50727927e929c2ecb6e5a940de5502b480f97f9cecb5299f39db08e4c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hitsxcash.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 19 May 2021 12:09:33 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://hitsxcash.com/
Content-Encoding: gzip

GET
H3-29 200 back.png
hitsxcash.com/theme/dark/images/ 119 B
712 B 46ms
42ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/theme/dark/images/back.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7c787516f199fb142c07f23812292e03903ae3c43e481d7b4ee4aeef53fa795

Request headers

:path: /theme/dark/images/back.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271275
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 119
cf-request-id: 0a26210da300005363223c8000000001
last-modified: Sun, 14 Apr 2019 07:35:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tI4weW152FcJ9jSJVd2WLePvn4caiN9qoWtA52AlXADyAUhiVD10%2Fw2I6U1vjEJ1m2%2BOhLC37XJu%2Faq0q2ipqfcq7bpQOwdrjzFlJPbwp4zKOBxdJnf0jHeD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f6a085363-FRA
expires: Fri, 28 May 2021 05:14:58 GMT

GET
H3-29 200 login_user.png
hitsxcash.com/theme/dark/images/ 146 B
737 B 47ms
47ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/theme/dark/images/login_user.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4776f6c55af827f8042c1cf9cd77a6ce64efbba1f8ab8f7b1aeccf14d3e3f129

Request headers

:path: /theme/dark/images/login_user.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271275
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146
cf-request-id: 0a26210da30000536307a3e000000001
last-modified: Sun, 14 Apr 2019 07:35:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V5tAB6XAwNNpEedbCNp6aenErNBCRf5F13McHpYcdxPu1xWaPphs9Kggx1X9pqxynTd4uD5u6GpBco0at5atnhcR2Y%2BL6C4Y5%2FzktSDjdNpH7ruDMWSDXaIF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f6a095363-FRA
expires: Fri, 28 May 2021 05:14:58 GMT

GET
H3-29 200 login_password.png
hitsxcash.com/theme/dark/images/ 136 B
736 B 47ms
47ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/theme/dark/images/login_password.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331b98fb796877e585822c176cee5dd048adeb64500e79286b2b9bd85b55e278

Request headers

:path: /theme/dark/images/login_password.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271274
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136
cf-request-id: 0a26210da300005363e98e1000000001
last-modified: Sun, 14 Apr 2019 07:35:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ECxb45wc7zxhj5OMzaLoFiQECSitW3a%2Bgk63stbjc%2BqVxDW%2BTlmSvvGXC%2BpJ18O%2FpdWQDgS%2BMXEbQHPIK5DwfjQQ42ECHGdbTwgCRvxpbNev3u7OVJfcgeyK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378f6a0a5363-FRA
expires: Fri, 28 May 2021 05:14:59 GMT

GET
H/1.1 200
OK 1152679 Show response
ad.a-ads.com/ Frame B707 7 KB
2 KB 93ms
39ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1152679?size=250x250&background_color=000000&text_color=ffffff&title_color=ffffff&title_hover_color=ffffff&link_color=ffffff&link_hover_color=ffffff

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

f16a1e3f5cbb2d9e3c40496cc9a8bb80b199090170383b0ad1993983b3f65b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hitsxcash.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 19 May 2021 12:09:33 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://hitsxcash.com/
Content-Encoding: gzip

GET
H3-29 200 users.png
hitsxcash.com/theme/dark/images/ 415 B
1011 B 30ms
26ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/theme/dark/images/users.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa4fc594ac3fe337d1345d90cfa4e62ff956299c9f1c50c6a86058cdffe3871

Request headers

:path: /theme/dark/images/users.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271274
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 415
cf-request-id: 0a26210dd70000536307a41000000001
last-modified: Sun, 14 Apr 2019 07:35:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tKnMixX0r42%2Flhpmj0kImNzI08o78UdLsA4iLXgEAWtQ3T%2FxtveepQ2%2Bu1qqmhDv3coP%2FSqscuxbY7U%2FIWQja3KYZmZtN0cN1IoP7EgygsOxIc2qqwNuq3cV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378fbade5363-FRA
expires: Fri, 28 May 2021 05:14:59 GMT

GET
H3-29 200 exchange.png
hitsxcash.com/theme/dark/images/ 470 B
1 KB 24ms
22ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/theme/dark/images/exchange.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2379959a22cd3e17009d3d8391377785ac80d40ab836687acd99f8f7dd75123c

Request headers

:path: /theme/dark/images/exchange.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271274
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 470
cf-request-id: 0a26210dd800005363ca0cb000000001
last-modified: Sun, 14 Apr 2019 07:35:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vG%2Fm1SbnEvhdFe%2B1LsKqPwtMq4h1Gb30GBh4lBxvnZJPfHkInIUg1RVHFQMHGszjjksq2stOPsm8jAoaTd2NyqMPhLHOHbcbXJQhj3PA1I9j8cu6N%2FE0COZN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378fbae45363-FRA
expires: Fri, 28 May 2021 05:14:59 GMT

GET
H3-29 200 cash.png
hitsxcash.com/theme/dark/images/ 458 B
1 KB 33ms
30ms Image
image/png 2606:4700:3034::6815:1506
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hitsxcash.com/theme/dark/images/cash.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1506 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eaca3b397465e620123087585349af453a0948bfac1534e5af95b0deb806a74

Request headers

:path: /theme/dark/images/cash.png
pragma: no-cache
cookie: PHPSESSID=11080efb580dbdb830433d9be97e98ac
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hitsxcash.com
referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2271274
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 458
cf-request-id: 0a26210dd800005363e1934000000001
last-modified: Sun, 14 Apr 2019 07:35:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1AgZp%2BWR7gnA%2BMdHs8FBPFiOd%2B4kpp8368NUfdefjqsuyb%2BnIzg3J%2BTLoZLfaEAf8YGPHxmX5sf%2BwLwfextAVcFX0fNs3xDe4zbJef7Jf53EeiEEnKutXK1v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3024000
accept-ranges: bytes
cf-ray: 651d378fbae95363-FRA
expires: Fri, 28 May 2021 05:14:59 GMT

GET
H/1.1 200
OK 1152685 Show response
ad.a-ads.com/ Frame 2197 6 KB
2 KB 56ms
34ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1152685?size=728x90

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

8e0fc961fbc5fc9b37593fe842b02d49200771db1d41274d86629b9f31b19631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hitsxcash.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 19 May 2021 12:09:33 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://hitsxcash.com/
Content-Encoding: gzip

GET
H2 200 / Show response
p3.adhitzads.com/ 0
323 B 40ms
37ms Script
text/html 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1124911&p=1096084273&l=https%3A//hitsxcash.com/&c=1
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1124911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e0oCR4R1wxMsaehRtb1IqniQvVE%2Bl07L43KL8xGqLIGDLz0Fv2z8rWgweGNsrEW%2FwemTP7IkOndo7nhh27zWHg4WW%2BD1WBIQTY6e9r6Osd8D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 651d378fff72c779-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a26210df90000c7792198f000000001

GET
H/1.1 200
OK c.php
ra.revolvermaps.com/js/ 43 B
289 B 7ms
6ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/js/c.php?i=0wmj1wrp35c
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Last-Modified: Wed, 19 May 2021 12:09:33 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=900
Connection: Keep-Alive
Keep-Alive: timeout=4, max=99
Content-Length: 43

GET
H/1.1 200
OK r.php
ra.revolvermaps.com/js/ 43 B
215 B 6ms
6ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/js/r.php?i=0wmj1wrp35c&l=https%3A%2F%2Fhitsxcash.com%2F&r=1621426173424
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=99
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pubads_impl_2021051701.js Show response
securepubads.g.doubleclick.net/gpt/ 308 KB
109 KB 84ms
30ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 00:12:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110938
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6101907629147976&plah=hitsxcash.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 89B1 10 KB
4 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 18 May 2021 22:33:52 GMT
expires: Tue, 01 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 48941
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK a2.php Show response
ra.revolvermaps.com/w/6/a/ Frame 566F 33 KB
11 KB 7ms
7ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Requested by: Host: ra.revolvermaps.com
URL: https://ra.revolvermaps.com/0/0/6.js?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: efae543cf72bafecd8d2b7ccf25a2c8b089509fd40f3d9df2c4f666b7ee9d57e

Request headers

Host: ra.revolvermaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hitsxcash.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Server: Apache
Cache-Control: public, max-age=2592000
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=4, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/144770/ Frame 65CC 204 KB
204 KB 109ms
35ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/144770/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1152685?size=728x90&background_color=000000&text_color=ffffff&title_color=ffffff&link_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1058f8dc17931806401374169633c7d2455fe16e9a28829c23457e1c6f1d5871

Request headers

Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Last-Modified: Sat, 24 Apr 2021 10:03:57 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: JXC33XEAX4J6MP7A
ETag: "657fd0be4acf3b23b76f55e585fb5bbc"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 208517
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: e1zaAfzSlfTH2Cl28ki2R8QMGCC3ldYK
x-amz-id-2: cEL1HzE72/QPxUtF/RhWhG4XqQ0iGwqF3fl3iu00Xie/m/w0Kyqiky1W2nAgHfIz05u6yjKRTPM=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 65CC 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B707 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2197 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK b.php Show response
ra.revolvermaps.com/w/6/a/ Frame 566F 1 KB
911 B 7ms
5ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/w/6/a/b.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Requested by: Host: ra.revolvermaps.com
URL: https://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: c0d80a3b13d197b70021100595dca269e9397406d471e2ccbafc4e09897e9bb1

Request headers

Host: ra.revolvermaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30

Response headers

Date: Wed, 19 May 2021 12:09:33 GMT
Server: Apache
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 635
Keep-Alive: timeout=4, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
406 B 31ms
30ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hitsxcash.com&callback=_gfp_s_&client=ca-pub-6101907629147976

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6101907629147976&plah=hitsxcash.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

6729ffff53b0ddba24401f309552ade8efa6c003c196c01b08269c03a69f216b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hitsxcash.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hitsxcash.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5F3 603 B
67 B 35ms
33ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6101907629147976&output=html&adk=1812271804&adf=3025194257&lmt=1621426173&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhitsxcash.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621426173457&bpp=3&bdt=198&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=512161944409&frm=20&pv=2&ga_vid=1337564889.1621426174&ga_sid=1621426174&ga_hid=2135992764&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060710%2C31060840&oid=3&pvsid=4152840547011751&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=139

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6101907629147976&output=html&adk=1812271804&adf=3025194257&lmt=1621426173&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhitsxcash.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621426173457&bpp=3&bdt=198&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=512161944409&frm=20&pv=2&ga_vid=1337564889.1621426174&ga_sid=1621426174&ga_hid=2135992764&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060710%2C31060840&oid=3&pvsid=4152840547011751&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=139
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 19 May 2021 12:09:33 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 19-May-2021 12:24:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251140663589"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
14 KB 125ms
95ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4152840547011751&correlator=3527597018109808&output=ldjh&impl=fifs&eid=31061225%2C31060976%2C31060840&vrg=2021051701&ptt=17&sc=1&sfv=1-0-38&ecs=20210519&iu_parts=4271109%2Chxc-footer-left%2Chxc-footer-center%2Chxc-footer-right%2Chxc-sidebar%2Chxc-footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C300x250%2C300x250%2C250x250%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1621426173&dt=1621426173632&dlt=1621426173259&idt=355&frm=20&biw=1600&bih=1200&oid=3&adxs=323%2C650%2C977%2C300%2C436&adys=2216%2C2216%2C2216%2C965%2C2008&adks=1389735155%2C3491682591%2C301578011%2C2735474544%2C3211837662&ucis=1%7C2%7C3%7C4%7C5&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhitsxcash.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=327x270%7C327x270%7C328x270%7C262x500%7C982x180&msz=300x-1%7C300x-1%7C300x-1%7C250x-1%7C728x-1&ga_vid=1337564889.1621426174&ga_sid=1621426174&ga_hid=2135992764&ga_fc=false&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=1%7C2%7C3%7C0%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

45913d6ac3e59a80db423229348369158075e8f7b34f64f39620c66bb502eb85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14170
x-xss-protection: 0
google-lineitem-id: 5317934870,5317934870,5317934870,-2,5317934870
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138304890755,138305267182,138304894463,-2,138267536780
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hitsxcash.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 50ms
14ms Other
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 28ms
7ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BB1D 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 19 May 2021 12:09:33 GMT
expires: Thu, 19 May 2022 12:09:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD0D 0
0 57ms
57ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5M3bbqCQTSxMJz-0lOFhMwlkDPF30O8rcbNeLB7O5i05gyH2SD-4FMdKSnz6wWl6mhFtpKASpA4AAfwM1y2JunLG7wx0s4MgRTBaxHdqhCLQomfUTDJZfCgHGqqHkKOGUIClV62XmsON5vwJPfXW4Hh2eWEb4u3wihszZ5ejj0zhX0N6Eo58dZhxrwcABwZS0W14aa3lNjTXo8mveeFgxZPq42WT99QArKOgaGSFVVYACmK-85twFelLwj4_1JALSYQiDsK_NwKrO2cbf9bMTO0-eK5PHBKnsFoArVwUf-DQ&sig=Cg0ArKJSzHCSgn1yJa2EEAE&adurl=

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame DD0D 17 KB
7 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 11:59:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame DD0D 2 KB
1 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 12:08:38 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD0D 118 KB
36 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251134821955"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36689
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H3-29 200 5506902008031269633
tpc.googlesyndication.com/simgad/ Frame DD0D 45 KB
45 KB 29ms
8ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5506902008031269633

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f891b6d255b1dc9198152c08d5e27fd4b6de60f11853dc211f017b95c34bdf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 02:16:09 GMT
x-content-type-options: nosniff
age: 381204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46326
x-xss-protection: 0
last-modified: Mon, 02 Mar 2020 10:14:36 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 02:16:09 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86E0 0
0 57ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK1iR6978c2Es6ONPu6VWeWGsBhQqudCSrWKi_-YBMj7uqRdmyn-0mM-8bXH1bdnjNrOheNHWIRIyNoOpb_3GRGolWjj9scYc8wKzXBcspF0w0U1gIO-2B8JIWcZc2zXWZav2e3pytVivltQ3M9L18qQXnFh6zhyWw3z8oj-sgbc4Qo8cxqzQMXMJQ-DEBasnodoY82WNBJGrXKq9ZMFdSyxA_3n40FVVgQwOgT2HzrV23EJLquO7ilQ-JqPOCAE9pXepAEy5ioWnzApiHyoKn0uKtNvnMcI9AwCNw8GETTA&sig=Cg0ArKJSzF7ZoDPRwB6fEAE&adurl=

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 86E0 17 KB
7 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 11:59:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 86E0 2 KB
1 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 12:08:38 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86E0 118 KB
36 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251134821955"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36689
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 86E0 0
0 16ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFKcRXk80sBvyk8X7MYjb8_qPHb7hpzO6v2nwAb8SCmdeRM96WBekgV1PWrNp6tjaU3ULKJXicoZmNjkYJgo0ROAwZug
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5697672659398159810
tpc.googlesyndication.com/simgad/ Frame 86E0 61 KB
62 KB 26ms
11ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5697672659398159810

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43f70114d42f5fd84c937506790e3e305066c624bc486e5a354ea710f781735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:31:56 GMT
x-content-type-options: nosniff
age: 23857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62957
x-xss-protection: 0
last-modified: Mon, 02 Mar 2020 09:58:18 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 05:31:56 GMT

GET
H3-29 200 container.html Show response
c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8F7 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 19 May 2021 12:09:33 GMT
expires: Thu, 19 May 2022 12:09:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86E0 0
0 85ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfNM66VURmvdZD_370wPsa1Dzssg0TGkRBHY3_TE2JZ3h-C0f0aQGclq1XRfoOBohV46njJled5TE55VF2RmpxbN1zgNnJptNS5NvePfL4WuWG0pknEeA70xRCvmHm-8RaZ4izbMFEQrc5i3PfL4yxVlzhMTPhOMITAVMpnDFqa0xX3-Uw7vmGFH-CSStXiAy9rUB62dajDB4BOjjVt-ooNLkCy9iROCc7Cx1FVwjUE2oPmjQvG_AGSaXWzCsoRET1nfg9EHbNuHCh_ZVnzqhAhAFD5GuEeBIxGwU4053nPd-V&sig=Cg0ArKJSzB6_5dihiw1UEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 12:09:33 GMT

GET
DATA 200
OK truncated
/ Frame 86E0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75b914420679d436cca9edf40bbfeacd33fe247836600fb4110641b4b9f99248

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD0D 0
0 70ms
55ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOMoGSLD_6JVt97bNNUByYGnZssMj2fLdmjnMehqCFtc1dim6vMXttU7Kzk5TydjzDs2pPF7IbTZbTDqfD6WooyrUvkqcK4IAo8QcPQU9ZPvi90czRQ4eEYtzGoYwyQtWP1kmo2wwLV5Yk-8peTrDs9NNA46cCeEl2U4ux3IfAzI4r8wAWUy32IuRFMF1mhzMt1Fi0vvMtTOgHmMLHWSjskOnlT18Pk0xM-t4qF7-Pdui6usmFdbKQHOR7WI0wYtAA-0Jc4VA6sl2gl6Ml1ga_yQJhV9UCOI0XBEAyRNTiU_Fd6Q&sig=Cg0ArKJSzFicANDdTocXEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 12:09:33 GMT

GET
DATA 200
OK truncated
/ Frame DD0D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b0cb9d23ced642a33a963e7e7798b06ac02e30cfa007940f7ade0c25e07a68a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BB1D 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2822
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 11:22:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB1D 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251134821955"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36689
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E8F7 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2822
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 11:22:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8F7 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251134821955"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36689
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:33 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB1D 0
0 56ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKEiVGCMs-GVIYsw4l1PW4FYHEgXFaW1PLLr1OzUYCI7N2YtW0c7OvZaZlL9EYKPLOH91WCVhxBwLjP9uZR87Ltvd0k1y10l47KfU-2d3vY5cW3Um0nA11hBMpFcH67ceM4vBIFNgiHr55uh5bOJGllE8ZbJBNdzn3ehf1ouO4IBHbIbaHrpgUCfzg6-5RTMvBgavtCyMdwJYEBGs7x7cgigphURJjBgtv7P1e3WhqA6xqKUKY5hKB6JJzaEbiD189Bha-30Xj7zrzvPFDtjV15dYqXnF1QuscgrbG0D3J&sig=Cg0ArKJSzEChpd-k4CimEAE&urlfix=1&adurl=

Requested by

Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK 1336649 Show response
ad.a-ads.com/ Frame 0E3E 6 KB
2 KB 31ms
31ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1336649?size=300x250

Requested by

Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

312dd36ccce9c9f9e939877485ff271d916db99ed4250be6fea2159c28766264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 19 May 2021 12:09:33 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
Content-Encoding: gzip

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB1D 0
0 55ms
55ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyUwTja0hioJADLOagkr0Kl5cZeZuc2dPshLzkv8hgv-qZLFE5l5tKy9ipf3wDW0IavSD_3BUwPiCj1sit6_7aFg8xGQY2sbGfkoLYAyETIoQzb5Q3FP-E3xtEC7AOz6lNJaXcCY4-S0Z8QeBeMSk2XTHq0oAGfN1zMI1ta_RitSTCC-ln9fMluBrvfYDoPrVWNw7G3rAIfqYtcOMpajK5LwaT-03WCrrKCwOqwwS49SmEzutrPoQYb8j2z4G45EKrVrk9yVrFif0lpd1gcW_dFhgoqoqJU7qkM50ZM6Md524&sig=Cg0ArKJSzHnnTiyHMHjxEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 12:09:33 GMT

GET
DATA 200
OK truncated
/ Frame BB1D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67f74c9305069c40e52735dc773a7e98fb7aa75621106fe1932724a3373cc320

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8F7 0
0 61ms
61ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzjJ9rUwD2NCIJiKhVj-Ss4hu5eBXLpyN3BV4YJNhDL7vh0CV6iomBeYAXOAOrCfwJGuntPPR25l8Luv4OGzfgAYtgq4Bv-ykkcbh9Ml4X6jFLZZ9D7Ps9aNrngBygtnjK6GX7HQ6fLQ1YJ3yf9jVKOEoT0NDNmRqllP6TpOztoYQdx1DK4MmVaNUcBhpX8C-fIb94gChpfpMru2uAKajm7nxaiOKbxa2AoAt96v6IfgQthuTTm4IYQfzoOCMgH7JOWlK1m0aDRvAvlUONBX8-HNYEnCGm&sig=Cg0ArKJSzJQQGoGCOnXSEAE&urlfix=1&adurl=

Requested by

Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 577 1336637 Show response
ad.a-ads.com/ Frame 2635 0
128 B 24ms
23ms Document
text/plain 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.a-ads.com/1336637?size=728x90
Requested by: Host: c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
URL: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.10.200.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 85-10-200-158.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 19 May 2021 12:09:33 GMT
Content-Length: 0
Connection: keep-alive

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8F7 0
0 57ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGzGNel-Li1MInFRrbJWKCzWeb0NHwvGi3M611qwAMQuwWgKC8ufOW4nLvhuu0kmHAWgyzZB7hdg_DW6ycxCeheARSAoOMbgP4HB-Q_DLtms542oO5R4oGPyWiL9gbuwjM68drXE10Cdk22zE4P2B-g3FBz16wz26uuUnS8LumDpML_OAcsOyk2oGCm-htL8-FoQKDfMe2jlSsEI-9L7EySkgeOba85zLRdQUIZMksrqeZUdThq6USKrKQrYRMIXIEG7olH5A5c2wGPaNdbcR_t4c-gIyn2QE&sig=Cg0ArKJSzM4SD6PFQOe5EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 12:09:33 GMT

GET
DATA 200
OK truncated
/ Frame E8F7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef406a7a191ced877e47be390cd75de40f6d123503bc624620d0c8e878d6bd90

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/135512/ Frame 0E3E 194 KB
194 KB 27ms
26ms Image
image/png 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/135512/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1336649?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e9e59493910307e7a11610d4e9aa3eb29827894ad1ed3016e4751630d6d91a1a

Request headers

Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:34 GMT
Last-Modified: Sun, 27 Dec 2020 19:14:05 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: BF56332D6762AE81
ETag: "81edcdd6bf4dabcd21d3d1bcb8f9afcf"
Content-Type: image/png
Cache-Control: max-age=315360000
Content-Length: 198368
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: JvSvY5FgknDiDQNdSwsvPbIDpvfOb246yxwLlCc1DtVqdLcV9VWJQ3wG/AULnOrL38XflIfppJM=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 0E3E 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
Ok counter_js.php Show response
counter1.fc2.com/ 7 KB
988 B 185ms
185ms Script
application/x-javascript 44.239.233.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter_js.php?id=89431230&main=0&lang=0&visitor=2
Requested by: Host: counter1.fc2.com
URL: https://counter1.fc2.com/counter.php?id=89431230
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.233.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-233-229.us-west-2.compute.amazonaws.com
Software: nginx/1.5.7 /
Resource Hash: 090adb14f480a17268364fe8c0b08264fdcdc488609881b583079dc3d8dc1af2

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 12:09:34 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 639
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2378
date: Wed, 19 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 19 May 2021 13:29:56 GMT

GET
H/1.1 200
OK a.php Show response
rf.revolvermaps.com/w24/a/ Frame 0637 4 KB
2 KB 7ms
6ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Requested by: Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/0/0/0.js?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 13ce26a16a7f42afd0e61c3a3f6cc69c446375a552398ee8ecbc7096b5dab6a5

Request headers

Host: rf.revolvermaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hitsxcash.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

Date: Wed, 19 May 2021 12:09:34 GMT
Server: Apache
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1862
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2135992764&t=pageview&_s=1&dl=https%3A%2F%2Fhitsxcash.com%2F&ul=en-us&de=UTF-8&dt=HitsXCash.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1254019716&gjid=1078672980&cid=1337564889.1621426174&tid=UA-536562-121&_gid=541335438.1621426174&_r=1&_slc=1&z=1092605166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hitsxcash.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 293.png
rf.revolvermaps.com/w24/a/g/2/p/3/ Frame 0637 191 B
466 B 6ms
5ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rf.revolvermaps.com/w24/a/g/2/p/3/293.png
Requested by: Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4ec12e4d0fb3f80148992b9bbe979a7b7ff758017cdb79d73a820f914281cf04

Request headers

Referer: https://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:34 GMT
Last-Modified: Wed, 15 Jul 2015 13:55:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=98
Content-Length: 191

GET
H/1.1 200
OK 9.png
rf.revolvermaps.com/w24/a/g/2/b/0/ Frame 0637 163 B
438 B 7ms
6ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rf.revolvermaps.com/w24/a/g/2/b/0/9.png
Requested by: Host: hitsxcash.com
URL: https://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3a2d09f5fc7226a77c23d774bc83b118ca85e2c76a547db9581b3f4e0029261f

Request headers

Referer: https://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:34 GMT
Last-Modified: Wed, 15 Jul 2015 13:51:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=97
Content-Length: 163

GET
H/1.1 200
OK a.php Show response
rf.revolvermaps.com/w24/b/ Frame 0637 100 B
252 B 6ms
6ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/w24/b/a.php?i=0wmj1wrp35c&ujel
Requested by: Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0c9c330905257b31bce11dba6e87a0ebbb735634b4add96bfbe11cdb8ea92359

Request headers

Referer: https://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 12:09:34 GMT
Server: Apache
Connection: close
Content-Length: 100
Content-Type: text/plain;charset=UTF-8

GET
H2 200 l.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 151 B
423 B 122ms
32ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/l.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

742d45174f87049d5a8ab89a2c97100b91520fb8e947c6b0e015ddb64b84a4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1827321
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 151
x-llid: 5f8522b6d56528c3cbe2e98acad0e159
expires: Sat, 29 May 2021 08:34:13 GMT

GET
H2 200 0.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 104 B
374 B 123ms
32ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/0.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

b898c81de9e08d0e5d71886604218e3876e77d123e75071f4657e5e8b3c39972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1827321
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 104
x-llid: 2e0b0125d90703c102dd3cdb6a07e235
expires: Sat, 29 May 2021 08:34:13 GMT

GET
H2 200 3.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 100 B
372 B 124ms
34ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/3.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

c693d2fa00397a991e491562ae6926062e37546c91fc7181180660d44c5f7a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1798694
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 100
x-llid: f07de67ccf23e43109238a1309bea5d0
expires: Sat, 29 May 2021 16:31:20 GMT

GET
H2 200 9.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 103 B
374 B 122ms
33ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/9.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

6fce823a0d1d3e7fc8004eb9ef0f4d84fc6e53119d1648a3f31743dfba900d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1798110
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 103
x-llid: dd52eb11e6cbfe77e9ee04b00837153a
expires: Sat, 29 May 2021 16:41:04 GMT

GET
H2 200 4.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 99 B
368 B 124ms
34ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/4.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

1c282935b69b1b8cbb25a4efe19c0639a9200a5c041c885807fd804dcd1629f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1779177
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 99
x-llid: c8a5c7feaec101c77a724402279b58d2
expires: Sat, 29 May 2021 21:56:37 GMT

GET
H2 200 1.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 85 B
355 B 122ms
33ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/1.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

469c28faf7e3a0f28229da578690572d0ebde3c651221e9969ba29a0a4b5258a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1779340
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 85
x-llid: 937c123c025db56a4236e30a1dc5579e
expires: Sat, 29 May 2021 21:53:54 GMT

GET
H2 200 5.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 99 B
370 B 34ms
33ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/5.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

7413938dd771a42e63d9c6803c0299a1847c8ea2f2037a8a6bac92d4093f480b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1810175
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 99
x-llid: 4554715f6c5e364e70c9ff5e66496b75
expires: Sat, 29 May 2021 13:19:59 GMT

GET
H2 200 r.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 64 B
334 B 33ms
32ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/r.gif

Requested by

Host: hitsxcash.com
URL: https://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

ee40f64f02399f80d11bd73f0c366c451d09c1e07f4c749e79cc8bf1f69a54ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1827319
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 64
x-llid: de76bdb49d40bf1103952da0b735f5b7
expires: Sat, 29 May 2021 08:34:15 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 27ms
25ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343759aa0471f7b2e5ac0412000828d737fbb293ddad6e9cd39a7573920ad91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 12:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 19 May 2021 12:09:34 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7DF2 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hitsxcash.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 19 May 2021 12:07:24 GMT
expires: Thu, 19 May 2022 12:07:24 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 130
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DF2 14 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 09:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 8744
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5770
x-xss-protection: 0
expires: Thu, 19 May 2022 09:43:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=4152840547011751&bg=!kZKlktbNAAZ7hX_Ue4U7ACkAdvg8WlnepTv2ZQScjEK3MIIozXY3-76WlIhaSCwlw5BPnW8MkTYrYwIAAAC1UgAAAA5oAQcKAN05OdFojyPI4705v1zfwGwW7kNYkwFJwntgmsfyklkJ7b2Q3hjP81ORM-4_EYGeeuELYmwPT2QckW8LsyHEcefPL6WyFanL9hYTSJgdWYLxbD4xq2wSunPQwXTOsMfzlWAfsI6AmWDyEqdZUpA_45c3ZzEQse6V9eHUhY4H4SScVViLzCyXlwKdme2WdR3LTwsxx9zGx34YxppalCaaNsVR3Bg2IY13Pj4wJrdD5Cc3VyCSsWOyBSCyPklSzzcNtS6tkRKyWe2Gt7cIgG-Tg-WeRy-8g9hpSwjglpU9fpkCPXj09YOl72GAoQr4Izvxsekx8d2vaQJoAf9HPoNNaPmKRA9OrrhRQzYruzkljOiJvWNZbMNCrPuLzkLpFfqi2f76CXVlDK-yiiqoigLd9GOY_LK28foQEAfQO8apCjxKNEhpL4BYjCmQmaT7qw3TPFgj4GWMPV-YN3TpxfxfdrO40Z5vkPH0NyYSzrAeEYIs5WfU1unl8h4dMN4kSsoJoDpAUVpIUpALW7IvOpdhUazF4miLIpP1vb7Ak-26yy79PHrDv_WGNP8fwVBAdOM5Gdl9wohzpa7IN-O01WLfxbuykJPLTSugVe8qljvbQQkCEDcwrf3k_cXcowIeefUoHuo6uIFbtjEr3tErIK95vkOEyddIjlzNNU6aoYs34pgplnl5RWaQENC5P7Ghp8EZH8sZSucWRIKIRJLNrHpCIhaj3g1GYz4n8SjXbLFXSBl-Pex_mbP7bihKE20ncmp_HIBxwvelvcr1zxN8f-5Zkj3aesyLCIBJMi3RUy5jT6-qNfMNLZU6nyqSltL63tU46k42xo1gOWKSRyNwcrBIlMAg2qN6kpswXU_LpE7KU6C5BRhuQ7AFyDWkalaxA4jMlAovnRMO4bmysYZDWmYL7Eb1BfFsH5lqC5zHvrT_GhUTYHuWxoIe2dNmtaDs-X4LjF1kdptXQ4DxAVR16K1n9DLcfjV1fq6e_Oz2YrVpqEtJyNiwEqlLPCb6ORj91JI8BUyZ0rBQPaq-wxb_mOh6bSq-UuVlGRwev0TQD1zf7g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 12:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hitsxcash.com/	1970-01-19 18:23:46	Name: _gat Value: 1
.hitsxcash.com/	1970-01-19 18:25:12	Name: _gid Value: GA1.2.541335438.1621426174
.hitsxcash.com/	1970-01-20 11:54:58	Name: _ga Value: GA1.2.1337564889.1621426174
hitsxcash.com/	1970-01-19 19:06:58	Name: fc2cnt_89431230 Value: 1-1621426174
.doubleclick.net/	1970-01-20 03:45:22	Name: IDE Value: AHWqTUkqax6LxXzrb4lJD_mSAvIqhvazpgVacEs68U_hUNr59DUOo15x_i23GZhThWI
.hitsxcash.com/	1970-01-20 03:45:22	Name: __gads Value: ID=14489f623090c95c:T=1621426173:S=ALNI_MZlxyF-vmTlGlRzJ1jF58Wl59b8ug
hitsxcash.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 11080efb580dbdb830433d9be97e98ac

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
adhitzads.com
adservice.google.com
adservice.google.de
c993d5402bd860e7f4cf5309f15c0312.safeframe.googlesyndication.com
counter1-cdn-ssl.fc2.com
counter1.fc2.com
googleads.g.doubleclick.net
hitsxcash.com
p3.adhitzads.com
pagead2.googlesyndication.com
partner.googleadservices.com
ra.revolvermaps.com
rf.revolvermaps.com
securepubads.g.doubleclick.net
static.a-ads.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.paypalobjects.com
104.111.228.123
104.21.55.158
172.217.23.98
178.79.227.24
213.239.209.209
2606:4700:3034::6815:1506
2a00:1450:4001:802::2001
2a00:1450:4001:802::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:f820:425::3
44.239.233.229
85.10.200.158
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
07ed686f1bd077aa87d839427fc1785524d2d5ea942e0dd20bbdafa98bdfb44b
090adb14f480a17268364fe8c0b08264fdcdc488609881b583079dc3d8dc1af2
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c9c330905257b31bce11dba6e87a0ebbb735634b4add96bfbe11cdb8ea92359
1058f8dc17931806401374169633c7d2455fe16e9a28829c23457e1c6f1d5871
13ce26a16a7f42afd0e61c3a3f6cc69c446375a552398ee8ecbc7096b5dab6a5
1c282935b69b1b8cbb25a4efe19c0639a9200a5c041c885807fd804dcd1629f8
1c6786a0ba78045e5ed921459a722b6b9d68c6abebed9f8d11f5a73cd333deab
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
2379959a22cd3e17009d3d8391377785ac80d40ab836687acd99f8f7dd75123c
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
312dd36ccce9c9f9e939877485ff271d916db99ed4250be6fea2159c28766264
331b98fb796877e585822c176cee5dd048adeb64500e79286b2b9bd85b55e278
343759aa0471f7b2e5ac0412000828d737fbb293ddad6e9cd39a7573920ad91a
34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6
3a2d09f5fc7226a77c23d774bc83b118ca85e2c76a547db9581b3f4e0029261f
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
45913d6ac3e59a80db423229348369158075e8f7b34f64f39620c66bb502eb85
469c28faf7e3a0f28229da578690572d0ebde3c651221e9969ba29a0a4b5258a
4776f6c55af827f8042c1cf9cd77a6ce64efbba1f8ab8f7b1aeccf14d3e3f129
4b0cb9d23ced642a33a963e7e7798b06ac02e30cfa007940f7ade0c25e07a68a
4eb36b4ee54c1737b5489d7b05d3c88a9914c5828fbb7bb358165cee347437e8
4ec12e4d0fb3f80148992b9bbe979a7b7ff758017cdb79d73a820f914281cf04
4f488ba69b34a8b4d924f46e58cbbe62ad1031ee74af785d328ccb54c4cd9b5f
58b90f5b80e8c6b23a42d1dcec8456b6dc7c5659bac6b94f8570758f34ef8c19
5eaca3b397465e620123087585349af453a0948bfac1534e5af95b0deb806a74
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b
6729ffff53b0ddba24401f309552ade8efa6c003c196c01b08269c03a69f216b
67f74c9305069c40e52735dc773a7e98fb7aa75621106fe1932724a3373cc320
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6fce823a0d1d3e7fc8004eb9ef0f4d84fc6e53119d1648a3f31743dfba900d0d
70b0768d793bc792cd39e2c7344723829ee9e9789e2267ed8403502131997b67
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7413938dd771a42e63d9c6803c0299a1847c8ea2f2037a8a6bac92d4093f480b
742d45174f87049d5a8ab89a2c97100b91520fb8e947c6b0e015ddb64b84a4d4
75b914420679d436cca9edf40bbfeacd33fe247836600fb4110641b4b9f99248
88413e9da5b59b4976312fded3957047ad987f1b254916426e2fe96e167f7d79
8e0fc961fbc5fc9b37593fe842b02d49200771db1d41274d86629b9f31b19631
8e9945d7ebf431506391edb3431741c9007f4248bbb09dd451f54d67da1ef01e
920897495429ab8ca6c16d0022634319dc6516640d698e24e57b23e8639098cf
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
94d3dd0782f347744d697af65457ec2b5d2cf770e1d7ce85aff3e00afd79a162
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
9fc00c599aa0902fa44e23d4ab87ffeb9fbaa747e095275f985f0b771494cb12
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d4639aab248e60f0134b4fbe21ad94db5b079f170e40f5d58e27eea7add427
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b13674337c0507935efb569e0e17c718c83c604a9410e343520db2249ca133dd
b898c81de9e08d0e5d71886604218e3876e77d123e75071f4657e5e8b3c39972
ba8c9081fe27a1fa4e120eea7890c37edb35083a9b254cd70ad69f9e19caa84f
bdc8d50727927e929c2ecb6e5a940de5502b480f97f9cecb5299f39db08e4c07
c0d80a3b13d197b70021100595dca269e9397406d471e2ccbafc4e09897e9bb1
c262f27abcd636af1c3c20b4b19c55e28b206e29b4c75269d3f1aed51710f81a
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c693d2fa00397a991e491562ae6926062e37546c91fc7181180660d44c5f7a1c
c7c787516f199fb142c07f23812292e03903ae3c43e481d7b4ee4aeef53fa795
cad40e4825640461c5fabaf7112e150acdf88d61536e7ec12fd96dd0c654eef2
cd5149cd6f510a974d58194fde5e095bc0472b91fda3f5616dd7653bd6a79c40
cfa4fc594ac3fe337d1345d90cfa4e62ff956299c9f1c50c6a86058cdffe3871
d284bd418bf30e8d82d9aaf0eeae47d3849fec189e61d2be0bd75bf33ce16651
e1279beb885d2f50cf6eed4644a6b163d82f0445ab2b54b3503a57c23c645287
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e59493910307e7a11610d4e9aa3eb29827894ad1ed3016e4751630d6d91a1a
ee40f64f02399f80d11bd73f0c366c451d09c1e07f4c749e79cc8bf1f69a54ee
ef406a7a191ced877e47be390cd75de40f6d123503bc624620d0c8e878d6bd90
efae543cf72bafecd8d2b7ccf25a2c8b089509fd40f3d9df2c4f666b7ee9d57e
f16a1e3f5cbb2d9e3c40496cc9a8bb80b199090170383b0ad1993983b3f65b6a
f43f70114d42f5fd84c937506790e3e305066c624bc486e5a354ea710f781735
f7c26cbada08081bb62c627fddcdf21f30b15a794949f01dde72ac00df2b1b53
f891b6d255b1dc9198152c08d5e27fd4b6de60f11853dc211f017b95c34bdf0e

hitsxcash.com Open in urlscan Pro 2606:4700:3034::6815:1506 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

92 Requests

100 %HTTPS

59 %IPv6

13 Domains

21 Subdomains

18 IPs

2 Countries

1432 kBTransfer

2593 kBSize

7 Cookies

5 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hitsxcash.com Open in urlscan Pro
2606:4700:3034::6815:1506 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

100 %
HTTPS

59 %
IPv6

13
Domains

21
Subdomains

18
IPs

2
Countries

1432 kB
Transfer

2593 kB
Size

7
Cookies

92 HTTP transactions
8 data transactions