hitsxcash.com Open in urlscan Pro
2606:4700:3035::ac43:c3a0 Public Scan

URL:
http://hitsxcash.com/
Submission: On May 20 via manual (May 20th 2021, 9:20:47 am UTC) from PH

Summary HTTP 103 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 13 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3035::ac43:c3a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is hitsxcash.com.

This is the only time hitsxcash.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3035::ac43:c3a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:f820:425::3 2a00:f820:425::3	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
8	104.21.55.158 104.21.55.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2	44.239.233.229 44.239.233.229	16509 (AMAZON-02) (AMAZON-02)
6	148.251.53.118 148.251.53.118	24940 (HETZNER-AS) (HETZNER-AS)
10	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	5.9.10.165 5.9.10.165	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
9	95.140.236.130 95.140.236.130	22822 (LLNW) (LLNW)
103	21

18 2606:4700:3035::ac43:c3a0 (United States)

ASN13335 (CLOUDFLARENET, US)

hitsxcash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

ra.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rf.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.55.158 (United States)

ASN13335 (CLOUDFLARENET, US)

adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p3.adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.233.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-233-229.us-west-2.compute.amazonaws.com

counter1.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 148.251.53.118 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.118.53.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.9.10.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.10.9.5.clients.your-server.de

static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.140.236.130 (United States)

ASN22822 (LLNW, US)
PTR: https-95-140-236-130.fra.llnw.net

counter1-cdn-ssl.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com tpc.googlesyndication.com	257 KB
18	hitsxcash.com hitsxcash.com	305 KB
12	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	127 KB
11	fc2.com counter1.fc2.com counter1-cdn-ssl.fc2.com	6 KB
11	revolvermaps.com ra.revolvermaps.com rf.revolvermaps.com	19 KB
10	a-ads.com ad.a-ads.com static.a-ads.com	1 MB
8	adhitzads.com adhitzads.com p3.adhitzads.com	346 KB
6	googletagservices.com www.googletagservices.com	192 KB
3	google.com adservice.google.com www.google.com	287 B
2	google-analytics.com www.google-analytics.com	19 KB
2	google.de adservice.google.de	287 B
1	googleadservices.com partner.googleadservices.com	263 B
1	paypalobjects.com www.paypalobjects.com	11 KB
103	13

	Domain	Requested by
18	hitsxcash.com	hitsxcash.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net hitsxcash.com 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
9	counter1-cdn-ssl.fc2.com	hitsxcash.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	p3.adhitzads.com	adhitzads.com p3.adhitzads.com hitsxcash.com
6	ad.a-ads.com	hitsxcash.com 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
6	ra.revolvermaps.com	hitsxcash.com ra.revolvermaps.com
6	www.googletagservices.com	hitsxcash.com pagead2.googlesyndication.com securepubads.g.doubleclick.net 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
5	rf.revolvermaps.com	hitsxcash.com rf.revolvermaps.com
5	pagead2.googlesyndication.com	hitsxcash.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	static.a-ads.com	ad.a-ads.com
2	www.google-analytics.com	hitsxcash.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	counter1.fc2.com	hitsxcash.com counter1.fc2.com
1	www.google.com	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.paypalobjects.com	hitsxcash.com
1	adhitzads.com	hitsxcash.com
103	21

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
payeer.com
stripe.com
counter.fc2.com
www.revolvermaps.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-19` - `2022-05-18`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh
*.fc2.com Amazon	`2021-04-10` - `2022-05-09`	a year	crt.sh
*.revolvermaps.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh

This page contains 17 frames:

Primary Page: http://hitsxcash.com/
Frame ID: 2044EC762C345525A50B91AC03E7EBB9
Requests: 58 HTTP requests in this frame

Frame: http://ad.a-ads.com/1152685?size=728x90&background_color=000000&text_color=ffffff&title_color=ffffff&link_color=ffffff
Frame ID: 4BD82FF160EA92FD38F387DC68FF26BA
Requests: 3 HTTP requests in this frame

Frame: http://ad.a-ads.com/1152679?size=250x250&background_color=000000&text_color=ffffff&title_color=ffffff&title_hover_color=ffffff&link_color=ffffff&link_hover_color=ffffff
Frame ID: 8166844EE52FA7B8A5F893A1F3617651
Requests: 3 HTTP requests in this frame

Frame: http://ad.a-ads.com/1152685?size=728x90
Frame ID: E93D2695B5658C2EB6FE7AC62E8CE050
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: FFB344CBC7079B17C361FF1FA2452997
Requests: 1 HTTP requests in this frame

Frame: http://ra.revolvermaps.com/w/6/a/b.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Frame ID: 80D84A55C652D59A17528F0798132C07
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6101907629147976&output=html&adk=1812271804&adf=3025194257&lmt=1621502426&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhitsxcash.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1621502426020&bpp=3&bdt=130&idt=75&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4033602378474&frm=20&pv=2&ga_vid=1229641411.1621502426&ga_sid=1621502426&ga_hid=1235919184&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1091557246004375&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=103
Frame ID: F15D06544022595D3FBD14864A23851F
Requests: 1 HTTP requests in this frame

Frame: https://p3.adhitzads.com/60a629da2b24b497690164ghitsxcash.com212003
Frame ID: CF681CA0C4C92A45D45B14A8ED07C95C
Requests: 3 HTTP requests in this frame

Frame: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F32F380559C3632BCED1BA1DE7BBF71
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW5tcVcp_BezQzGjOOzp915b2KDi7kY_kGSOEFWGVhvpVcS56iwUHzg8DHlhbiV1A13w6e4hX0Mr4j3En1o0qYtIoh02fKvCy2Bru-yprcLwITvCbSfpfsdkrtuy9mDbyihlvc_A2__Gz00PeJ4ct7-Ep4BdIcTn_TJry_XZzkMyugPdPoFZgLfFw1iGgEoZbrrm8eq5UA3sxfqHwXw6-oGfe7bCKzO3ZvJSFSAZRg40ZpDGFdsX1TjDQe-2g4lSBmhYNnN2Fu6DlkinJPzHQMNWaS-_W3J-xLcavTw-YMUKw&sig=Cg0ArKJSzLkJukBcVqlhEAE&adurl=
Frame ID: 5184658BA0DC0B9FA869DEBD44ABC4CC
Requests: 8 HTTP requests in this frame

Frame: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7877C9FE1E4F396D439CABFEDEABF33E
Requests: 6 HTTP requests in this frame

Frame: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CD3E6167E2F63ECF2E5C603D72EDD155
Requests: 6 HTTP requests in this frame

Frame: http://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Frame ID: D4175647D531DBCD8629CC0895CFB789
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/1336649?size=300x250
Frame ID: C9BB0587A166058447E55ED870A4292C
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1336637?size=728x90
Frame ID: 262F395D16F480C6AB7B2A77AAC0F0EA
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1336649?size=300x250
Frame ID: 742A5F865604EA848D4CE7AC62512ABD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D978777707C903AA6AB5D6DBC30AB151
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

103
Requests

65 %
HTTPS

60 %
IPv6

13
Domains

21
Subdomains

21
IPs

2
Countries

2366 kB
Transfer

3505 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paypal.com/
Title:

Search URL Search Domain Scan URL

URL: https://payeer.com/08366959
Title:

Search URL Search Domain Scan URL

URL: https://stripe.com/
Title:

Search URL Search Domain Scan URL

URL: https://counter.fc2.com/

Search URL Search Domain Scan URL

URL: https://www.revolvermaps.com/?target=enlarge&i=0wmj1wrp35c
Title: RevolverMaps Live Stats

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

103 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
hitsxcash.com/ 12 KB
5 KB 227ms
212ms Document
text/html 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de386181543637d4513d50941ca055569b04bac761a7c0a94d52933a04da114

Request headers

Host: hitsxcash.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4284
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache no-cache
Set-Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
cf-request-id: 0a2aac924a0000c2db0bab0000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6keUMEJq0%2Bif8LIEZujxRcuM4JfYsny2BQr79M2M1wcIHs2Q6EjjoWorGryc6lEb%2BV6Mi%2BtN3EcPSID%2B3%2FoowAQzwM%2FXXA6Zw3SqiiHlOz6kIEeTX5KuCm9b"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 65247d307c75c2db-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK style.css
hitsxcash.com/theme/dark/ 53 KB
8 KB 15ms
14ms Stylesheet
text/css 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d4639aab248e60f0134b4fbe21ad94db5b079f170e40f5d58e27eea7add427

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 532904
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7825
cf-request-id: 0a2aac93240000c2db7317c000000001
Last-Modified: Fri, 18 Dec 2020 11:06:30 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b8bsXkBCy83JTuzhJAq7LCoB567g%2ByIseN8sUgksm6Jy%2FdscIQzgeZrKiPCF%2FKuaOL95rK%2BcjOoMxhpc0jWdwvCYenBg68F9hdJTeuTLuTiDSBUgkgKmHlyj"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=604800, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 65247d31ded7c2db-FRA
Expires: Fri, 21 May 2021 05:18:40 GMT

GET
H/1.1 200
OK jquery.js Show response
hitsxcash.com/js/ 82 KB
30 KB 29ms
23ms Script
application/javascript 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hitsxcash.com/js/jquery.js
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9945d7ebf431506391edb3431741c9007f4248bbb09dd451f54d67da1ef01e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 532904
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 29530
cf-request-id: 0a2aac93290000d6d5d625a000000001
Last-Modified: Sun, 14 Apr 2019 07:33:52 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k4ckcixg5BcNI10ab9Hymw8PaxjdMPF4kVrCkQaYNtV6KaFzNPPgqsi6uFaLkdrSTVWn0FdBt3fHp3gzjYx3VR%2Fban7zhQfSUmU9pxy%2B5OesLNIq0du0x3m9"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=604800, proxy-revalidate
Accept-Ranges: bytes
CF-RAY: 65247d31db64d6d5-FRA
Expires: Fri, 21 May 2021 05:18:40 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

531066f916c0d0c983b091a5acac71d48d29003395d52d577b35f9e4b2589b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "877 / 241 of 1000 / last-modified: 1621462429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21284
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:25 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 30ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 20 May 2021 09:20:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4501822382306722350
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47950
X-XSS-Protection: 0
Expires: Thu, 20 May 2021 09:20:25 GMT

GET
H/1.1 200
OK logo.png
hitsxcash.com/theme/dark/images/ 8 KB
9 KB 28ms
26ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/theme/dark/images/logo.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ed686f1bd077aa87d839427fc1785524d2d5ea942e0dd20bbdafa98bdfb44b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347529
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 8262
cf-request-id: 0a2aac93510000d6d5c434d000000001
Last-Modified: Mon, 15 Apr 2019 08:43:54 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GnVjFW4tgzlMS%2FfmbCPOfETP0Uf6JBnj2Ho5hADmLXIQCZQWiey%2BjqBavkcnnnbOvXoZHTNAPiCP7pIbfy4ejsjYuIwd9siuwzR3FduW10Z8xUGh3Q0gRoGr"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d321bdfd6d5-FRA
Expires: Fri, 28 May 2021 05:14:56 GMT

GET
H/1.1 200
OK 6.js Show response
ra.revolvermaps.com/0/0/ 2 KB
1 KB 19ms
6ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://ra.revolvermaps.com/0/0/6.js?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4eb36b4ee54c1737b5489d7b05d3c88a9914c5828fbb7bb358165cee347437e8

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jun 2017 15:59:45 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 975

GET
H/1.1 200
OK traffic-3.jpg
hitsxcash.com/img/ 35 KB
36 KB 15ms
14ms Image
image/jpeg 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/img/traffic-3.jpg
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13674337c0507935efb569e0e17c718c83c604a9410e343520db2249ca133dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347529
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 36053
cf-request-id: 0a2aac93520000c2dbf81aa000000001
Last-Modified: Sun, 05 May 2019 11:40:57 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kf1Rcn43zTkag5ETqIYk1xVg4kWZfdVXEgBrcu17vVG7dhD1U29bc0GRPtJ4lUghYooes8%2Baqy7q5VslLuCi4wceYKmZBBBwxG%2FZQvM3sg3dEaUMgR2YudJY"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d321f47c2db-FRA
Expires: Fri, 28 May 2021 05:14:56 GMT

GET
H/1.1 200
OK Get-Instant-Access-Button-2.png
hitsxcash.com/img/ 17 KB
18 KB 25ms
18ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/img/Get-Instant-Access-Button-2.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5149cd6f510a974d58194fde5e095bc0472b91fda3f5616dd7653bd6a79c40

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347528
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 17233
cf-request-id: 0a2aac93560000062124a88000000001
Last-Modified: Sun, 05 May 2019 11:57:34 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w%2BfdAQOKfqQQq4voMAiixdk%2FfCvvLAmFfKv2qHr%2BkaX1sZHqjN%2FZG4%2F8Sj%2FFW4vfizM0VKgWnu0y3uPpsyq68bSogX3tkyI4ItDkNj2X9Sxix%2B14bglqPaj5"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d322c920621-FRA
Expires: Fri, 28 May 2021 05:14:57 GMT

GET
H/1.1 200
OK banner.png
hitsxcash.com/img/ 77 KB
78 KB 39ms
32ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/img/banner.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d284bd418bf30e8d82d9aaf0eeae47d3849fec189e61d2be0bd75bf33ce16651

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347528
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 79214
cf-request-id: 0a2aac93560000d6d133bce000000001
Last-Modified: Sun, 05 May 2019 10:12:50 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AMoVUVPgmuNxtujHBQkTewmf4iPu7LoWclzH1SOr0mOS94HTOM61mi3bGIK7iDXn38JLIVxMffRh2vM8LK%2FguypNZKW4h8nu3eJJEhXkMHAbZiVeT%2FlcyWxE"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d322dc3d6d1-FRA
Expires: Fri, 28 May 2021 05:14:57 GMT

GET
H/1.1 200
OK main.png
hitsxcash.com/img/ 93 KB
94 KB 42ms
36ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/img/main.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b0768d793bc792cd39e2c7344723829ee9e9789e2267ed8403502131997b67

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347528
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 95210
cf-request-id: 0a2aac935700002c323019f000000001
Last-Modified: Wed, 12 Jun 2019 07:29:52 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9%2B9tfKlit0YBwiEZorjdLGfkJNfEhBt5QvkeWoPh615YSjeGSAu6eHuOAI4u8R27sfnRwVqcliTGQmytJphYjriFmBVZbXCQYY1clpSVLdjapRQmBX2vx1uj"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d3228302c32-FRA
Expires: Fri, 28 May 2021 05:14:57 GMT

GET
H/1.1 200
OK b-1_728x90_0oe0l76.gif
hitsxcash.com/files/banners/ 10 KB
11 KB 19ms
18ms Image
image/gif 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/files/banners/b-1_728x90_0oe0l76.gif
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d661eb57b8a2b456c8c3542171f14e35941b0eacb13745b0d8346c81dfbe3a2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2319361
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 10202
cf-request-id: 0a2aac93600000c2db6a09e000000001
Last-Modified: Mon, 22 Feb 2021 08:13:21 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=juTqdmNXyq0TvC1QMo0La5HRfa9susPWjCicN%2Bta%2B%2F%2FAB1n8lEUeD%2F%2BCf%2Bvli9ohKgmWJZ%2FrqPBr9Hehc6%2FX0u0yLeObSoD43u1w99BvKfcY7RrDQiY8MMYd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d323f73c2db-FRA
Expires: Fri, 28 May 2021 13:04:24 GMT

GET
H2 200 1124911 Show response
adhitzads.com/ 448 B
894 B 161ms
88ms Script
text/html 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1124911
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc00c599aa0902fa44e23d4ab87ffeb9fbaa747e095275f985f0b771494cb12

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9IfA3IxnBlPRcJeu6yob6grh56%2BQCnXP8w3m1jcXqkzztHPj%2BWOAp%2BF7O5mcGnjMFxoUXtystz4D0rOscFIb8r%2F325HaxCSRzApLZJF6"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 65247d328c501d02-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2aac939400001d0265834000000001
expires: Thu, 20 May 2021 10:20:26 GMT

GET
H2 200 PP_AcceptanceMarkTray-NoDiscover_243x40.png
www.paypalobjects.com/webstatic/mktg/logo/ 11 KB
11 KB 337ms
197ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/logo/PP_AcceptanceMarkTray-NoDiscover_243x40.png

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

47d0fb9951a509e50996f670b4f5950340f842def39af3d06af286f58cc0aff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, MISS
fastly-io-info: ifsz=36421 idim=243x40 ifmt=png ofsz=10752 odim=243x40 ofmt=png
paypal-debug-id: 23b373c3c733
fastly-stats: io=1
dc: phx-origin-www-2.paypal.com
content-length: 10752
x-served-by: cache-sjc10044-SJC, cache-fra19133-FRA
x-timer: S1621502426.121630,VS0,VE153
etag: "MEpjsXjWUC1dpVtzNQCGaoVycXWtBA/v9SAlO0oAKa8"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H/1.1 200
OK payeer.png
hitsxcash.com/img/ 5 KB
6 KB 48ms
41ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/img/payeer.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad40e4825640461c5fabaf7112e150acdf88d61536e7ec12fd96dd0c654eef2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347528
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5080
cf-request-id: 0a2aac93690000177a0230f000000001
Last-Modified: Sat, 03 Oct 2020 07:36:42 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=63DXfCaOTRnWVWLFPceSn6vwbwkBgOdyqn1khaiuma6Z%2FTOzGCjnOwGNhFp7rubL2U9xBQxJu5eBBV%2B%2F66x0OGOVS29bRFJhrVWT9%2FEa0dzYi4XlYusKVbY4"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d324ca6177a-FRA
Expires: Fri, 28 May 2021 05:14:57 GMT

GET
H/1.1 200
OK stripe.png
hitsxcash.com/img/ 2 KB
3 KB 12ms
12ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/img/stripe.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6786a0ba78045e5ed921459a722b6b9d68c6abebed9f8d11f5a73cd333deab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347527
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2178
cf-request-id: 0a2aac936a000006214f946000000001
Last-Modified: Fri, 18 Dec 2020 11:22:21 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0HumB6D1CcOK%2BXC5OuHVcbZAcKNyARgqDLeZTPtFaZ83vkwRNzmUslsVGTBEZXpjVb2lt2OqDQUVkdS2bMHTiTjb0HwbacfPjOQatJy%2B7uIQH4Q0ERKjFp4U"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d324cd60621-FRA
Expires: Fri, 28 May 2021 05:14:57 GMT

GET
H/1.1 200
Ok counter.php Show response
counter1.fc2.com/ 3 KB
2 KB 804ms
201ms Script
application/x-javascript 44.239.233.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter.php?id=89431230
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.233.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-233-229.us-west-2.compute.amazonaws.com
Software: nginx/1.5.7 /
Resource Hash: 88413e9da5b59b4976312fded3957047ad987f1b254916426e2fe96e167f7d79

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 May 2021 09:20:26 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 1403
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 0.js Show response
rf.revolvermaps.com/0/0/ 1 KB
1 KB 21ms
5ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/0/0/0.js?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: c262f27abcd636af1c3c20b4b19c55e28b206e29b4c75269d3f1aed51710f81a

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Sep 2014 15:31:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 720

GET
H/1.1 200
OK 9.js Show response
ra.revolvermaps.com/0/0/ 1 KB
994 B 19ms
5ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/0/0/9.js?i=0wmj1wrp35c
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 94d3dd0782f347744d697af65457ec2b5d2cf770e1d7ce85aff3e00afd79a162

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Dec 2016 08:37:29 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 659

GET
H/1.1 200
OK 1152685 Show response
ad.a-ads.com/ Frame 4BD8 6 KB
2 KB 133ms
101ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1152685?size=728x90&background_color=000000&text_color=ffffff&title_color=ffffff&link_color=ffffff

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

HTTP/1.1

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

a8b0018c32528afdd176315ff63452e47d3f912d1881a230ddc48d2604788c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hitsxcash.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 09:20:26 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://hitsxcash.com/
Content-Encoding: gzip

GET
H/1.1 200
OK back.png
hitsxcash.com/theme/dark/images/ 119 B
928 B 14ms
13ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/theme/dark/images/back.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7c787516f199fb142c07f23812292e03903ae3c43e481d7b4ee4aeef53fa795

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347527
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 119
cf-request-id: 0a2aac93750000c2db5aa01000000001
Last-Modified: Sun, 14 Apr 2019 07:35:49 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2FNZydcwV7eUjvy%2B7ugWW9JBWUBqTOSDEfbGjlKP29CYb8AXQCwwLMqjiLo87u9EUa8jdXXcfdVT0ydY4oSNrEpsVcmM12SWqmlxrziAyBksjSYMOHU6ptHK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d325f9ec2db-FRA
Expires: Fri, 28 May 2021 05:14:58 GMT

GET
H/1.1 200
OK login_user.png
hitsxcash.com/theme/dark/images/ 146 B
955 B 12ms
10ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/theme/dark/images/login_user.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4776f6c55af827f8042c1cf9cd77a6ce64efbba1f8ab8f7b1aeccf14d3e3f129

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347527
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 146
cf-request-id: 0a2aac9376000006214f947000000001
Last-Modified: Sun, 14 Apr 2019 07:35:52 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZUdH141HHZ9S9Bf7v%2BYbvdZxLlNqfBXHiEkSjYZNOw8V5VQKHYsF2g7R1pc1pY5hqwCkF2hA6fvzCqIYBUGwbJ4IU%2FHnQY2XNe5fQNm3ilvs0b5LreJJLRsq"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d325d030621-FRA
Expires: Fri, 28 May 2021 05:14:58 GMT

GET
H/1.1 200
OK login_password.png
hitsxcash.com/theme/dark/images/ 136 B
945 B 15ms
14ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/theme/dark/images/login_password.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331b98fb796877e585822c176cee5dd048adeb64500e79286b2b9bd85b55e278

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347526
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 136
cf-request-id: 0a2aac93780000d6d5e08b7000000001
Last-Modified: Sun, 14 Apr 2019 07:35:52 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aheCXPMY9x49NMiQ%2Fr3Yb1ygG2LMoix%2Boj0HmTOKpRkvY0zmvZmpUREpuKNlMtZpPp0NxsvJ1ExidHTvvqLgdo4OLZ9Zby7YYxIO7VCHwMYUwBh70PkAlSGo"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d325c4fd6d5-FRA
Expires: Fri, 28 May 2021 05:14:59 GMT

GET
H/1.1 200
OK 1152679 Show response
ad.a-ads.com/ Frame 8166 6 KB
2 KB 132ms
100ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1152679?size=250x250&background_color=000000&text_color=ffffff&title_color=ffffff&title_hover_color=ffffff&link_color=ffffff&link_hover_color=ffffff

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

HTTP/1.1

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

b806215646a993ac4420aa7f97ab4995365a2d734f6b01bc8976f430af570f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hitsxcash.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 09:20:26 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://hitsxcash.com/
Content-Encoding: gzip

GET
H/1.1 200
OK users.png
hitsxcash.com/theme/dark/images/ 415 B
1 KB 19ms
19ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/theme/dark/images/users.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa4fc594ac3fe337d1345d90cfa4e62ff956299c9f1c50c6a86058cdffe3871

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347526
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 415
cf-request-id: 0a2aac93810000d6d1bfad5000000001
Last-Modified: Sun, 14 Apr 2019 07:35:54 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uEQR%2BvQPzArlqMoex9a7DVHyfNDgGN3LIdWWbYVx6RZvTy0iY1LYiJuccHpHF7EYmkha0URCP8VPNr0pF9XDrUc8rKhHhaCIdQGblqQtFUXVSNs7hlvdzA%2Bd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d326e36d6d1-FRA
Expires: Fri, 28 May 2021 05:14:59 GMT

GET
H/1.1 200
OK exchange.png
hitsxcash.com/theme/dark/images/ 470 B
1 KB 16ms
15ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/theme/dark/images/exchange.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2379959a22cd3e17009d3d8391377785ac80d40ab836687acd99f8f7dd75123c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347526
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 470
cf-request-id: 0a2aac93820000c2db1a021000000001
Last-Modified: Sun, 14 Apr 2019 07:35:51 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6lvDRavA5cvg2Z72qPkhadp5annhBtSDhm1g5QyqMwUVJR0gm%2FhY%2FUDW%2FRgTzrND09lASwXS7K9nwSP1j5Iqp%2Fq5esCacxk1fXfoA7c1y3XxHCRM%2BkS9pmY0"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d326fc3c2db-FRA
Expires: Fri, 28 May 2021 05:14:59 GMT

GET
H/1.1 200
OK cash.png
hitsxcash.com/theme/dark/images/ 458 B
1 KB 14ms
13ms Image
image/png 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hitsxcash.com/theme/dark/images/cash.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eaca3b397465e620123087585349af453a0948bfac1534e5af95b0deb806a74

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
Cookie: PHPSESSID=73e37783c2cbde6152808b51e2dfd1d1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hitsxcash.com/theme/dark/style.css?v=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:25 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2347526
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 458
cf-request-id: 0a2aac93830000062154270000000001
Last-Modified: Sun, 14 Apr 2019 07:35:50 GMT
Server: cloudflare
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EGkZbrHRghb3g0a93sZj%2BwYg51tLI8BZ0Le%2FK5kVb3yG%2FVtoJ7SXQioZqSpTXYK9adPMSOFSy4c3h%2FX3hbV1lDT6AnhqgkLTQT%2B0WNhv4yUagIUXcjmCoc5B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=3024000
Accept-Ranges: bytes
CF-RAY: 65247d326d320621-FRA
Expires: Fri, 28 May 2021 05:14:59 GMT

GET
H/1.1 200
OK 1152685 Show response
ad.a-ads.com/ Frame E93D 6 KB
2 KB 137ms
106ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1152685?size=728x90

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

HTTP/1.1

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

ea23e6a58a0494ef80c20dc56ede92d9ee1c4621500a0ec86ae71d5f9ac21dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hitsxcash.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 09:20:26 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://hitsxcash.com/
Content-Encoding: gzip

GET
H/1.1 200
OK c.php
ra.revolvermaps.com/js/ 43 B
289 B 8ms
7ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ra.revolvermaps.com/js/c.php?i=0wmj1wrp35c
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Last-Modified: Thu, 20 May 2021 09:20:25 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=900
Connection: Keep-Alive
Keep-Alive: timeout=4, max=99
Content-Length: 43

GET
H/1.1 200
OK r.php
ra.revolvermaps.com/js/ 43 B
216 B 12ms
7ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ra.revolvermaps.com/js/r.php?i=0wmj1wrp35c&l=http%3A%2F%2Fhitsxcash.com%2F&r=1621502425999
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=100
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pubads_impl_2021051701.js Show response
securepubads.g.doubleclick.net/gpt/ 308 KB
109 KB 228ms
78ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 00:12:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110938
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:26 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6101907629147976&plah=hitsxcash.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 May 2021 09:20:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame FFB3 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 May 2021 01:00:52 GMT
expires: Thu, 03 Jun 2021 01:00:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 29974
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK a2.php Show response
ra.revolvermaps.com/w/6/a/ Frame 80D8 33 KB
11 KB 8ms
7ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Requested by: Host: ra.revolvermaps.com
URL: http://ra.revolvermaps.com/0/0/6.js?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: efae543cf72bafecd8d2b7ccf25a2c8b089509fd40f3d9df2c4f666b7ee9d57e

Request headers

Host: ra.revolvermaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hitsxcash.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Server: Apache
Cache-Control: public, max-age=2592000
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK / Show response
p3.adhitzads.com/ 951 B
1 KB 109ms
76ms Script
text/javascript 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://p3.adhitzads.com/?z=1124911&p=1144840513&l=http%3A//hitsxcash.com/&c=1
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1124911
Protocol: HTTP/1.1
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 125c906356e6da5c21d4e42cb7a8f6bdc7dd246439425fb0b21427bf711fa649

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2aac941e0000d87dbda57000000001
Pragma: no-cache
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PYiCl9mkiUPvVHbM9xq7GOzZsorePro3XSZwcGmixfxka7ZJuQ%2BnPLL9qPpUwk1WkIZkVT7m%2B9h6WXQpaDCU0uTpoH5j4TCuH%2FOyu5O7T%2BWQ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
CF-RAY: 65247d336e9ad87d-CPH
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
263 B 69ms
68ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hitsxcash.com&callback=_gfp_s_&client=ca-pub-6101907629147976

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6101907629147976&plah=hitsxcash.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

00e55799a7b6fd5628f3b6117a96b63716fa3e1f9d166ca1a3d1526a829a6b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hitsxcash.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hitsxcash.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F15D 603 B
67 B 44ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6101907629147976&output=html&adk=1812271804&adf=3025194257&lmt=1621502426&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhitsxcash.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1621502426020&bpp=3&bdt=130&idt=75&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4033602378474&frm=20&pv=2&ga_vid=1229641411.1621502426&ga_sid=1621502426&ga_hid=1235919184&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1091557246004375&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=103

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6101907629147976&output=html&adk=1812271804&adf=3025194257&lmt=1621502426&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhitsxcash.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1621502426020&bpp=3&bdt=130&idt=75&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4033602378474&frm=20&pv=2&ga_vid=1229641411.1621502426&ga_sid=1621502426&ga_hid=1235919184&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1091557246004375&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 20 May 2021 09:20:26 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-May-2021 09:35:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:26 GMT

GET
H/1.1 200
OK b.php Show response
ra.revolvermaps.com/w/6/a/ Frame 80D8 1 KB
911 B 7ms
5ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://ra.revolvermaps.com/w/6/a/b.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Requested by: Host: ra.revolvermaps.com
URL: http://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: c0d80a3b13d197b70021100595dca269e9397406d471e2ccbafc4e09897e9bb1

Request headers

Host: ra.revolvermaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ra.revolvermaps.com/w/6/a/a2.php?i=0wmj1wrp35c&m=0&c=ff0000&cr1=ffffff&f=arial&l=0&s=230&bv=100&hi=30

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Server: Apache
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 635
Keep-Alive: timeout=4, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/132818/ Frame 4BD8 52 KB
53 KB 126ms
93ms Image
image/jpeg 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/132818/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/1152685?size=728x90&background_color=000000&text_color=ffffff&title_color=ffffff&link_color=ffffff
Protocol: HTTP/1.1
Server: 5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.10.9.5.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ce1e17d0b803f89d349167f93d4694d21bda492179ca265b10bb6cd7b0162e79

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Last-Modified: Tue, 17 Nov 2020 12:14:40 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: D061EACF17A80445
ETag: "fb62ed43c948d958942bb6fdfe4d9986"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Content-Length: 53646
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: Xh8+XeN9WGVXje62ReWrI3AUxxiVjwl1SyjwKJ/j05qeHbn8W9ElRbDNMvGUlPysR/JOfTjPjhY=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 4BD8 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 250x250
static.a-ads.com/a-ads-banners/159667/ Frame 8166 301 KB
302 KB 127ms
96ms Image
image/gif 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/159667/250x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/1152679?size=250x250&background_color=000000&text_color=ffffff&title_color=ffffff&title_hover_color=ffffff&link_color=ffffff&link_hover_color=ffffff
Protocol: HTTP/1.1
Server: 5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.10.9.5.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d40c1fe8ef73417a2b973c548cc09ec237557039d8d421d5aa3ebb1b0d97b764

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Last-Modified: Wed, 19 May 2021 00:37:58 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: XM6SEFZMN9484K3D
ETag: "5786aba13682a0bab5e53734b71c0dee"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 308656
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: wvrV1OffNrWISXr6vUox4ZhFEFTuB_9g
x-amz-id-2: mCKNmvoVDkb5Ig0pvPbIKOyCdknib3WntWUEimkTV535oM6VHxDYVjm0DhAYXIiYOLthIRLfXqw=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/102743/ Frame E93D 544 KB
544 KB 120ms
89ms Image
image/gif 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/102743/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/1152685?size=728x90
Protocol: HTTP/1.1
Server: 5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.10.9.5.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8f65891d2875887853b4f768f4988a53043514d21defeef43d7331c66d2361bd

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Last-Modified: Mon, 09 Dec 2019 09:09:04 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: D7EDC3AEB63A3DAF
ETag: "920264d7daa6ebd8214e677b5fad46a2"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 556679
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: ewCsHJ6Owr4fyfAJrTni34NTpBgNf0dS
x-amz-id-2: VqnGKJY3ahNcpjVv7aDHGThnUJnnSxaYW8KvfesdVYr00xN67W2LpKC/TzFYamwQ/fjjWp7ipro=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 8166 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E93D 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 60a629da2b24b497690164ghitsxcash.com212003 Show response
p3.adhitzads.com/ Frame CF68 2 KB
1 KB 157ms
157ms Document
text/html 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/60a629da2b24b497690164ghitsxcash.com212003
Requested by: Host: p3.adhitzads.com
URL: http://p3.adhitzads.com/?z=1124911&p=1144840513&l=http%3A//hitsxcash.com/&c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f7a3db81d16a32cfcf48e513b58f2111a365840a339798b8079cf68299515db

Request headers

:method: GET
:authority: p3.adhitzads.com
:scheme: https
:path: /60a629da2b24b497690164ghitsxcash.com212003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 20 May 2021 09:50:26 GMT
cache-control: max-age=1800 private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0a2aac946f00001d02e134b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9cA8HE1VvfmYtAjHjKXRX4NmbEbOvCSWIqIx2Pj9KbKrnF9uc9qydmFc12%2F46a7%2B%2FnO7%2FUSAWrW4Z2951iGmdkP57PQ5l7CwASEB0vEIVIZu"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65247d33ee6a1d02-CPH
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1621472905_cmp_427507.gif
p3.adhitzads.com/s/ad_files/ 169 KB
169 KB 44ms
43ms Image
image/gif 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/ad_files/1621472905_cmp_427507.gif
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26861d78c3dacefb64dfd3f7aec3a3be5778138274823edf57fc418172c2556b

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5991
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 172663
cf-request-id: 0a2aac946f00001d02753f5000000001
last-modified: Thu, 20 May 2021 01:08:25 GMT
server: cloudflare
etag: "60a5b689-2a277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j7Em4tzRJuzoWva64no86G8SZ%2BLR%2BvqL9k%2Bz728pzj4Ag2dYG4rMR2u0Y89rt8J0gP7Kc%2FJCif8ztOt3U6MR4cjKggqwrU0wVdPnt1PLUj2k"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 65247d33ee661d02-CPH
expires: Sat, 19 Jun 2021 07:40:35 GMT

GET
H2 200 bannerslink.png
p3.adhitzads.com/s/ 1 KB
2 KB 43ms
42ms Image
image/png 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/bannerslink.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2308312
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1323
cf-request-id: 0a2aac946e00001d02e091b000000001
last-modified: Thu, 20 May 2010 21:29:39 GMT
server: cloudflare
etag: "4bf5a9c3-52b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NUKdhIoNUWzhdTySeTLtwoIdmLWKZL7ssmb7Jtxl437AD5hOHuUODO0YciR%2B6JhWRaGK3K5Tnizp13WdLLYTf%2BvjulT49TcgOxMZEGQ6WNGH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 65247d33ee641d02-CPH
expires: Sun, 23 May 2021 16:08:34 GMT

GET
H2 200 bannerslink_hover.png
p3.adhitzads.com/s/ 596 B
910 B 44ms
43ms Image
image/png 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/bannerslink_hover.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e886ca7137283c676a0af2a3e2f120df39d976823726e6216d95f738b140d242

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2308312
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 596
cf-request-id: 0a2aac946f00001d027f8fd000000001
last-modified: Thu, 18 Nov 2010 20:43:06 GMT
server: cloudflare
etag: "4ce58fda-254"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=12m4%2F21YgOP9n9W63DlRQTk%2B2a8TCYgA3lajtolTtf%2Bjzflbp3bawfdX5vI3rP3Jc%2FXg8aEn1XA%2FsFFv1ZStNrfNWjZ7GpA3yF6G%2FXt9BS6L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 65247d33ee681d02-CPH
expires: Sun, 23 May 2021 16:08:34 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hitsxcash.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hitsxcash.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
13 KB 221ms
142ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1091557246004375&correlator=1653938363855156&output=ldjh&impl=fifs&eid=31060790%2C31061160%2C31061220%2C31061199&vrg=2021051701&ptt=17&sc=0&sfv=1-0-38&ecs=20210520&iu_parts=4271109%2Chxc-footer-left%2Chxc-footer-center%2Chxc-footer-right%2Chxc-sidebar%2Chxc-footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C300x250%2C300x250%2C250x250%2C728x90&cookie=ID%3Dc463e9e88a276857-221a181046c80045%3AT%3D1621502426%3ART%3D1621502426%3AS%3DALNI_MaY1fR84KFyuXPkyvbSLUEdGMMviQ&bc=23&abxe=1&lmt=1621502426&dt=1621502426369&dlt=1621502425890&idt=459&frm=20&biw=1600&bih=1200&oid=3&adxs=323%2C650%2C977%2C300%2C436&adys=2336%2C2336%2C2336%2C965%2C2038&adks=1389735155%2C3491682591%2C301578011%2C2735474544%2C3211837662&ucis=1%7C2%7C3%7C4%7C5&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fhitsxcash.com%2F&vis=1&scr_x=0&scr_y=0&psz=327x270%7C327x270%7C328x270%7C262x500%7C982x270&msz=300x-1%7C300x-1%7C300x-1%7C250x-1%7C728x-1&ga_vid=1229641411.1621502426&ga_sid=1621502426&ga_hid=1235919184&ga_fc=false&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=1%7C2%7C3%7C0%7C4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ac423b2641f75e165507eb25380ba5e5e01f20a3827865b7c996367400c64a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13658
x-xss-protection: 0
google-lineitem-id: 5317934870,5317934870,5317934870,-2,5317934870
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138304890755,138304894463,138305264155,-2,138267536780
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://hitsxcash.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 66ms
13ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 1621472905_cmp_427507.gif
p3.adhitzads.com/s/ad_files/ Frame CF68 169 KB
169 KB 77ms
40ms Image
image/gif 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/ad_files/1621472905_cmp_427507.gif
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60a629da2b24b497690164ghitsxcash.com212003
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26861d78c3dacefb64dfd3f7aec3a3be5778138274823edf57fc418172c2556b

Request headers

Referer: https://p3.adhitzads.com/60a629da2b24b497690164ghitsxcash.com212003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5991
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 172663
cf-request-id: 0a2aac954b000010b51d13a000000001
last-modified: Thu, 20 May 2021 01:08:25 GMT
server: cloudflare
etag: "60a5b689-2a277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kdSUCjZdYH9SZm5TWhCsxdSV26NmzOgMY46SO7yRPsW9TMr9q7t%2Fdd2Ju6nmkjMmNzPnOpzO3zHAkr8KkQJh0s9OWZIbO2X8snGSLfhP5I0K"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 65247d354a3210b5-CPH
expires: Sat, 19 Jun 2021 07:40:35 GMT

GET
H3-29 200 bannerslink.png
p3.adhitzads.com/s/ Frame CF68 1 KB
2 KB 142ms
105ms Image
image/png 104.21.55.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/bannerslink.png
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60a629da2b24b497690164ghitsxcash.com212003
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

Referer: https://p3.adhitzads.com/60a629da2b24b497690164ghitsxcash.com212003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2308312
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1323
cf-request-id: 0a2aac954b000010b5fbbb3000000001
last-modified: Thu, 20 May 2010 21:29:39 GMT
server: cloudflare
etag: "4bf5a9c3-52b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IuJiSkmVNW%2BJYXpPsv1V4fyqhaD%2FY6h5WmXFMslu2oaX2EgXnYhi0SUKEGMLCE5MCSJDl9SkTRMtPG7VaaTWFGBrxoIyVfcDWiboSob6AtUj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 65247d354a2f10b5-CPH
expires: Sun, 23 May 2021 16:08:34 GMT

GET
H3-29 200 container.html Show response
10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F32 6 KB
3 KB 21ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 20 May 2021 09:20:26 GMT
expires: Fri, 20 May 2022 09:20:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5184 0
0 106ms
105ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW5tcVcp_BezQzGjOOzp915b2KDi7kY_kGSOEFWGVhvpVcS56iwUHzg8DHlhbiV1A13w6e4hX0Mr4j3En1o0qYtIoh02fKvCy2Bru-yprcLwITvCbSfpfsdkrtuy9mDbyihlvc_A2__Gz00PeJ4ct7-Ep4BdIcTn_TJry_XZzkMyugPdPoFZgLfFw1iGgEoZbrrm8eq5UA3sxfqHwXw6-oGfe7bCKzO3ZvJSFSAZRg40ZpDGFdsX1TjDQe-2g4lSBmhYNnN2Fu6DlkinJPzHQMNWaS-_W3J-xLcavTw-YMUKw&sig=Cg0ArKJSzLkJukBcVqlhEAE&adurl=

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 5184 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 09:10:50 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5184 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 09:18:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5184 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:26 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 5184 0
0 14ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaT_JW0lCSZofelJF2HL5QXzoJZBi_X7yAhPje1UDJ9kiYAqzFQuG4lGtO1fIBPL52EUqwa0ejMzjTQ4yvz8WdtGkk2_tg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220
Protocol: HTTP/1.1
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5697672659398159810
tpc.googlesyndication.com/simgad/ Frame 5184 61 KB
62 KB 17ms
17ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5697672659398159810

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43f70114d42f5fd84c937506790e3e305066c624bc486e5a354ea710f781735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:31:56 GMT
x-content-type-options: nosniff
age: 100110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62957
x-xss-protection: 0
last-modified: Mon, 02 Mar 2020 09:58:18 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 05:31:56 GMT

GET
H3-29 200 container.html Show response
10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7877 6 KB
3 KB 21ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 20 May 2021 09:20:26 GMT
expires: Fri, 20 May 2022 09:20:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD3E 6 KB
3 KB 21ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 20 May 2021 09:20:26 GMT
expires: Fri, 20 May 2022 09:20:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5184 0
0 187ms
107ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHhgKs7_nPsx8kIFSTA7jwb6EGn3O8zHc3SFldBgSJP0FYmXTVXBGSJMWzND0fTZimMKVyjeTuJeEHgmc82yFBAZjk5VjkH0HZ_nGXdiqIACDOZHdYkbxIm2c45E5VoL_6oH26BS7QIf19EFtdOYnFCEWIsMfbKnJ5vNx79c1O8ymAiW-u9FFq2vctoicUDJSOnQvKWo2a4eZ9ofc6AbuS6-tEgcPlzMs8dTQYnZyG223rqqZQlEr8higu_MEJ5ys5L2hq42dET_IRCIuYT0SPeK_WhwbBLmIl-5cr5jTIfCltqA&sig=Cg0ArKJSzJ6kw3_l3XujEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 20 May 2021 09:20:26 GMT

GET
DATA 200
OK truncated
/ Frame 5184 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9cb36feceb77c8384d980b8bc1ad9df00fd5f26eb96296b3aca70da4882ecd6

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
Ok counter_js.php Show response
counter1.fc2.com/ 7 KB
985 B 200ms
199ms Script
application/x-javascript 44.239.233.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter_js.php?id=89431230&main=0&lang=0&visitor=2
Requested by: Host: counter1.fc2.com
URL: https://counter1.fc2.com/counter.php?id=89431230
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.233.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-233-229.us-west-2.compute.amazonaws.com
Software: nginx/1.5.7 /
Resource Hash: f6e77073b99ffa771ca6b7facd1a183e0770d43a37f39ade81380446172e503b

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 May 2021 09:20:26 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 636
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

7ms
5ms

Script
text/javascript

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6630
date: Thu, 20 May 2021 07:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 20 May 2021 09:29:56 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK a.php Show response
rf.revolvermaps.com/w24/a/ Frame D417 4 KB
2 KB 12ms
6ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Requested by: Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/0/0/0.js?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 13ce26a16a7f42afd0e61c3a3f6cc69c446375a552398ee8ecbc7096b5dab6a5

Request headers

Host: rf.revolvermaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hitsxcash.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Server: Apache
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1862
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8F32 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67052
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 14:42:54 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F32 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:26 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7877 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67052
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 14:42:54 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7877 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:26 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CD3E 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67052
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 14:42:54 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD3E 118 KB
36 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:26 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1235919184&t=pageview&_s=1&dl=http%3A%2F%2Fhitsxcash.com%2F&ul=en-us&de=UTF-8&dt=HitsXCash.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=215172620&gjid=1600784521&cid=1229641411.1621502426&tid=UA-536562-121&_gid=518705528.1621502427&_r=1&_slc=1&z=871367584

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hitsxcash.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F32 0
0 105ms
105ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBghmyiY8D4hSMg4K4GjSnD8237ETNBl1KPjkq5ssMobpVeufueWA0zBPvZFH_4fDRGxb9uAU8VevnhEZmocpIh-oyjdywhBtn7rp_5axBG5bHIpZmDklYdemgJC__U3WYBRTqmRRA-5lcUmxeJhfEpVVc06oV_2NhQseEPrYNQszpKo0TXOX5fOL3HL6C2wXtqUkOsMvrTwt5U4RbVnRAxipoyviRf6y3gKJ4DY6tZoM-tNv-_Nw7IB0d1CBS8ljj4OjGQTeNJyHUFCzDY1Y2JE7T64A4SmsjleseRhJ1&sig=Cg0ArKJSzCX7lWsjVbOrEAE&urlfix=1&adurl=

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK 1336649 Show response
ad.a-ads.com/ Frame C9BB 6 KB
2 KB 196ms
69ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1336649?size=300x250

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

9d86c8e2d7d510e205b1cdce8d6072f1f9546b6eec8575ca1aff590b94d17321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 09:20:26 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
Content-Encoding: gzip

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F32 0
0 107ms
107ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG4WoKsF8DE5afhL_6Si0wT5vwmUsU7HS7KUoF3ZAPvUM3Hg-PqgOs0vnayKDVp5BkyPO5FCybkDLTeqoKR3roXV114WLgD1rj2G_JoT58W82o_Mi5elETw2GUvsDspEN_dkVMqBCZG2V-QH6z6Uk2HnZ0uTjv1dVjfnoEshduznxhYt9SS9y12ouqjNq8tbL7fMqsz6rI3asUq6W379ompQRoEHCYKb3ay4P6DrwApEEG6yWLXE9WK6zcOZrKjRmfBY-3euKm8Hi2U32jaB7zHC-M3632FRWFyfTi98diLLI&sig=Cg0ArKJSzPiVD9h-b8EEEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 20 May 2021 09:20:26 GMT

GET
DATA 200
OK truncated
/ Frame 8F32 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2256d7b183f7bfaa48e54c0873e21a266ab8f7d48aade1efe41179b8036a505

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD3E 0
0 105ms
105ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQGP-Cfgh98h9pjO7Nliq4j7268IU3pAEa0CVHJe4cMcjWwG71NfC2N4_-rWP8nsBzRvDsxWfssHB-9zg_OxQugsHwmRtfeBNj-hH32CvSRL_5kiNr1vhLVkyMQwN-Z26QRslIE-WO-BO_8Sj9f8UIauVVNwdgCvypiE9L6W58tSTRROXFw4c1t3PZydE5GhochuQs7nn01mXZ9flU2g4FWmNBBaHBgN5qq6Iv0uM2Admf8FG4sqZBbMstRMzXnjMXqyaIumJqauZ5Y5LIdI2yY8LvRZLK&sig=Cg0ArKJSzAUq-0eeYF2iEAE&urlfix=1&adurl=

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 577 1336637 Show response
ad.a-ads.com/ Frame 262F 0
128 B 185ms
63ms Document
text/plain 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.a-ads.com/1336637?size=728x90
Requested by: Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 09:20:27 GMT
Content-Length: 0
Connection: keep-alive

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7877 0
0 106ms
106ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1zwUW_NMt2sxpfNdYGZvczHH9GvHbhzVAYkYnFcKe2F5b_ZR9tdop1nZZQAdSQx5dOus6EeXgmMGS30HWEf2TrhAbtEQB51AJoGRjjTaALsOrhoohczOZl3WfK5r4kciVt_FjQPHKLYzHN6lzEH9UaMPAR0wJ4KWgQsVpXoQXRHC5OXrK-FrOr-g9oPygkG5jFOT2YdkH6jh5FA4ptshTkQfxR2-dB1FVZIK8cxIQFCuNAp9L9abJGt1Ybls_DgUDuPLRLFu_NNVTXYC8GLTZb7lZ6DWEXPW1NZQBd8h_dQ&sig=Cg0ArKJSzAkTqs2Waap4EAE&urlfix=1&adurl=

Requested by

Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 577 1336649 Show response
ad.a-ads.com/ Frame 742A 0
128 B 187ms
62ms Document
text/plain 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.a-ads.com/1336649?size=300x250
Requested by: Host: 10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
URL: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 09:20:27 GMT
Content-Length: 0
Connection: keep-alive

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7877 0
0 107ms
106ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswU2JY4VhV-ve7iTnYYAVtFIb7deULvhcJKHzqGxZf0WcMz7vsqRcC02hK635O4tRhcK1ENsKbtL69vDw3_JbogJoY0TJKediaAtqYsjxrCoHJRwNBQN1yVBhCLdLJyS9-mwtjF7xcoOujWqMNATa2x6um4CcgfU2EPFCIj1VaDozvvN0vG2BxyK3d42EIP4rY3n9WLJW1xRwmGHIvutCDCXh_v3H1gofvMPnDSsLU3BHPRIDp0fggdWR4fTCir8teLYuTE7ftStrE2OeMgIF7jc9t8PJ5vBYuQ_R4va3UWVuf&sig=Cg0ArKJSzEZG5k1kxYuqEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 20 May 2021 09:20:26 GMT

GET
DATA 200
OK truncated
/ Frame 7877 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 157c78ec37f5b5250cfa4282b6ba21507ef15d379ac450354b7425b95a21e5a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD3E 0
0 107ms
106ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM8yrWySWr40Eym0IHDO1pU-6K5nH7LWx9qMvDMmHt0Ra4_AFYsTJSyFWpvq0HWl7rOMOaQ620GaMBOnuZ0sVWTq3iZbM42QHAu6BbCLbxkT0ptpL6OYQCBBwvwV6XhSSjCEp8nCdxcuE1BXFdM5b8ul31uTBSbP1MYcwp7O5t8Tl9b9bdX1gDzRUcb_B8coKqgkBkbVIOxRL6Bn014rM1ulOcBiKhh_CNgazKU5ygrBh_ALPFiIB9xTHlHwwrhx826BjfxWJlyeO5BZys9Dhv93_BVvfFxB0&sig=Cg0ArKJSzEbk4bDJp1HIEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 20 May 2021 09:20:26 GMT

GET
DATA 200
OK truncated
/ Frame CD3E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d53e2f6f81cbfcff5b082409553822dc4998a6df9a36e15fa4e988b690faeff7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 293.png
rf.revolvermaps.com/w24/a/g/2/p/3/ Frame D417 191 B
466 B 6ms
6ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf.revolvermaps.com/w24/a/g/2/p/3/293.png
Requested by: Host: rf.revolvermaps.com
URL: http://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4ec12e4d0fb3f80148992b9bbe979a7b7ff758017cdb79d73a820f914281cf04

Request headers

Referer: http://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Last-Modified: Wed, 15 Jul 2015 13:55:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=99
Content-Length: 191

GET
H/1.1 200
OK 9.png
rf.revolvermaps.com/w24/a/g/2/b/0/ Frame D417 163 B
438 B 6ms
5ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf.revolvermaps.com/w24/a/g/2/b/0/9.png
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3a2d09f5fc7226a77c23d774bc83b118ca85e2c76a547db9581b3f4e0029261f

Request headers

Referer: http://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Last-Modified: Wed, 15 Jul 2015 13:51:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=98
Content-Length: 163

GET
H2 200 l.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 151 B
422 B 187ms
55ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/l.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

742d45174f87049d5a8ab89a2c97100b91520fb8e947c6b0e015ddb64b84a4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1895530
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 151
x-llid: d7cc6e9dcd30ffac62bb376b2a7c1998
expires: Sat, 29 May 2021 10:48:17 GMT

GET
H2 200 0.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 104 B
374 B 188ms
56ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/0.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

b898c81de9e08d0e5d71886604218e3876e77d123e75071f4657e5e8b3c39972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1895530
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 104
x-llid: c9af46086e28903421b4cfac0c1144a6
expires: Sat, 29 May 2021 10:48:17 GMT

GET
H2 200 3.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 100 B
371 B 187ms
56ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/3.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

c693d2fa00397a991e491562ae6926062e37546c91fc7181180660d44c5f7a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1853238
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 100
x-llid: 3481f82f2715f599cd0c16948a7dab3b
expires: Sat, 29 May 2021 22:33:09 GMT

GET
H2 200 9.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 103 B
374 B 187ms
55ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/9.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

6fce823a0d1d3e7fc8004eb9ef0f4d84fc6e53119d1648a3f31743dfba900d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1742438
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 103
x-llid: 17d5a6323648c43480de58b0c977ad83
expires: Mon, 31 May 2021 05:19:49 GMT

GET
H2 200 4.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 99 B
369 B 187ms
56ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/4.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

1c282935b69b1b8cbb25a4efe19c0639a9200a5c041c885807fd804dcd1629f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1721020
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 99
x-llid: c4b7035970c7f64dcec32b4b0a08d218
expires: Mon, 31 May 2021 11:16:47 GMT

GET
H2 200 6.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 102 B
374 B 184ms
54ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/6.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

92babb8f3456144f0b0e5011974209d8d78a9864ac15ffdeb36d6c4facadc6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1853238
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 102
x-llid: 2bb2967058dcd9beef4d7a10eae588b8
expires: Sat, 29 May 2021 22:33:09 GMT

GET
H2 200 7.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 98 B
368 B 56ms
55ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/7.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

4c52dc85917b8a9df3304f008b98d6b7eb4cb4404928f88b55432db53d5c694c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1743144
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 98
x-llid: 3d2b85642b48e865bd2c1e9c7dd6e29e
expires: Mon, 31 May 2021 05:08:03 GMT

GET
H2 200 2.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 98 B
368 B 57ms
56ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/2.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

4ea6929851eb5e7650a2def3c2d32f5a8f09d0c6179977deeaa4e900528e5f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1742438
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 98
x-llid: 428b3ad9ef6901e19680ebce38bbd380
expires: Mon, 31 May 2021 05:19:49 GMT

GET
H2 200 r.gif
counter1-cdn-ssl.fc2.com/cimg/01/00075701/ 64 B
335 B 56ms
55ms Image
image/gif 95.140.236.130
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/01/00075701/r.gif

Requested by

Host: hitsxcash.com
URL: http://hitsxcash.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.140.236.130 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-95-140-236-130.fra.llnw.net

Software

nginx /

Resource Hash

ee40f64f02399f80d11bd73f0c366c451d09c1e07f4c749e79cc8bf1f69a54ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Feb 2011 07:50:51 GMT
server: nginx
age: 1895530
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 64
x-llid: 8b0724adbcd5d429dab3bfbf9748b736
expires: Sat, 29 May 2021 10:48:17 GMT

GET
H/1.1 200
OK a.php Show response
rf.revolvermaps.com/w24/b/ Frame D417 100 B
252 B 6ms
5ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://rf.revolvermaps.com/w24/b/a.php?i=0wmj1wrp35c&1m5y
Requested by: Host: rf.revolvermaps.com
URL: http://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 253638abc9dba528b53258a1da09ef5f6bccb02d4d7c4bbc172ae07eaf72b11c

Request headers

Referer: http://rf.revolvermaps.com/w24/a/a.php?i=0wmj1wrp35c&d=2&p=3&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=fff600&c1=ffc000&c2=ebdada&ic0=0&ic1=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:26 GMT
Server: Apache
Connection: close
Content-Length: 100
Content-Type: text/plain;charset=UTF-8

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/117610/ Frame C9BB 174 KB
174 KB 214ms
90ms Image
image/gif 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117610/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1336649?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.10.9.5.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 59e054acacbce0cfc6b7329639eb4ad898676b507b93a2b8a843ec7b5bd61202

Request headers

Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:27 GMT
Last-Modified: Sun, 19 Apr 2020 16:06:32 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: 4D6F6A7C1A947989
ETag: "2a6b36df9c728e02224e7ba4bdbf0d0b"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 177867
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: jFCVeEcNUb1I4XrWAG0_SW45Q7ZsGNjK
x-amz-id-2: 10nQRrBer8vY7PHqJwfjAEnOkIxYNYXsajxwwvlD9TfgyjZsPuR85AcU9cR1a/5bhdRnvM4cE8o=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame C9BB 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 25ms
25ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

650fd471f07aa4a9c5f366739cbd74c3cb8b0cfb9d227c8df9b19ebe280d5363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 09:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7723
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 20 May 2021 09:20:27 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D978 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hitsxcash.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://hitsxcash.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 20 May 2021 09:17:32 GMT
expires: Fri, 20 May 2022 09:17:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 175
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame D978 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 08:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 2734
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 08:34:53 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=1091557246004375&bg=!CAulC0_NAAZ7hX_Ue4U7ACkAdvg8WoUXVdUby-MaUNr0xjEKauRR_Rw37DduNV9Zd5tWaNmrPlsGJgIAAABdUgAAAAxoAQcKANei2sh_UzU8fQa3BR0YyXlIy9GcyDI_ijF_hUQGeQsO-J_gOn_HW-Yy5ZNj81AQSpTPeLnVgzUD--J_C_U7P51HYyCtPcfHpulSkeYSBy-6hkeMuaM6tlHAY4HYGe_JvRrPf18TLpj30WWMu_5w0fOvH6BjVrokC3ul3i1sSvCjkqk4xHKewj2c1rnNtMqFfF4kYouVuzGVeuwA0f3bt19Br5LjwTB7GP4Z6Ljrm3nbly42DlJUghgEvc9MDJka4BovgOqkGcK1w7uUar-CGp2bcHlk5HL6YZkCMknaazVrUGgDus4h01QXWmRQ024Phy4nLn4PdqQFH9cKp3NI4yK1kkiLnB10V1Ku_iTLtD_P7U0Ur7abJXT2lgjD9Jz4EGuUF_g2XQaQUrnxYtEbHG31HHpj2D-gekVBoIHNWikOlaxPYC-D05MUAgSYqEDck0cwrPeZChK7AQFqevK2lbfO2bzOxy9jT1iFN4AvTRRWA5VLrZj8BS9c1SqriAbg8YsK8a5cyfNd2GA_xvmkrWDRF3Zv_AU76M6d21LuvMxzr-dvngmXjWU2cJv2D5siZuVpoOxK24kbTiQx1oinIHklxZzHSg-im11jjdLKMzRw4yIGfk9cptyfMQ4Cfc5hdg6Mpx3yKebK98yE43BBpo6nr660rMeqphFelSeYYEu3WL3l2y7uFcf6EvNRc_vvC31urg6xgeLYQwlwfWpm_QtiZbrSFDShyO4Z_IWeI-fRyAUWZuMqaIf9E9k2xQCj7eWHuzVVu_3yr9_4iV9OsQ9iIYC7L28J-KdHWllX0FpCyxPfs4Dn0c7P9UYJ3IMxrAuB3MQnTEqjvxlE-4fsuSXdAEGR4zsOWAxZCf_Vl1GRv058u9dNyV0CSZZEcw-3BCx9YIBsOzinCKfBIUTlEpEKkmB8EW9MSK87QFAXo8rcra5wjVvP3X6WHniQw5immGsPh3AmH_sCjBMZIFljm_Ppgjn83wJIotU99EYFVXvuOUptK5dNXVyHFLIiaaPwZ9xExuKIQb6Qxgh6qiw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hitsxcash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 09:20:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ajax.php Show response
hitsxcash.com/system/ 65 B
1 KB 184ms
184ms XHR
application/json 2606:4700:3035::ac43:c3a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hitsxcash.com/system/ajax.php?a=getSideStats&_=1621502425935
Requested by: Host: hitsxcash.com
URL: http://hitsxcash.com/js/jquery.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c3a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5366a62f1d6e597baa82df2aaf0a4b0436a74eb77cdfb7c057de9a112af39668

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hitsxcash.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: http://hitsxcash.com/
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cache-Control: no-cache
Accept: application/json, text/javascript, */*; q=0.01
Referer: http://hitsxcash.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 09:20:41 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 79
cf-request-id: 0a2aacd1190000177add319000000001
Pragma: no-cache no-cache
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S6SO%2FFyztTUYnQx5HNfbSU30TE1TplPz3xCX8B%2BIk1S%2FHFUsndEDv7jssPCOidS8CxFJJvNzgkbHBYer1uEaewHUjVhNOL1J%2FjG7dFFiJa19siSzEl%2BYBBiM"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate private, no-cache, no-store, proxy-revalidate, no-transform
Set-Cookie: PHPSESSID=93eb286778bfc02bff68cc3dd05f2f2d; path=/
CF-RAY: 65247d94fe8b177a-FRA
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hitsxcash.com/	1970-01-19 18:25:02	Name: _gat Value: 1
.hitsxcash.com/	1970-01-19 18:26:28	Name: _gid Value: GA1.2.518705528.1621502427
.hitsxcash.com/	1970-01-20 11:56:14	Name: _ga Value: GA1.2.1229641411.1621502426
hitsxcash.com/	1970-01-19 19:08:14	Name: fc2cnt_89431230 Value: 1-1621502426
.doubleclick.net/	1970-01-20 03:46:38	Name: IDE Value: AHWqTUl-POOBLxM6Hb_LzOzcARHZ4ZetwpBs2GArznI80cHl0HVDGaUJuC_ai9tNmy4
.hitsxcash.com/	1970-01-20 03:46:38	Name: __gads Value: ID=c463e9e88a276857:T=1621502426:S=ALNI_MZwaA314k5EnpkwVVC1dLtQuHBOCg
hitsxcash.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 73e37783c2cbde6152808b51e2dfd1d1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10243583abd2fbfc2a84dc47d4e24c07.safeframe.googlesyndication.com
ad.a-ads.com
adhitzads.com
adservice.google.com
adservice.google.de
counter1-cdn-ssl.fc2.com
counter1.fc2.com
googleads.g.doubleclick.net
hitsxcash.com
p3.adhitzads.com
pagead2.googlesyndication.com
partner.googleadservices.com
ra.revolvermaps.com
rf.revolvermaps.com
securepubads.g.doubleclick.net
static.a-ads.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.paypalobjects.com
104.21.55.158
142.250.186.130
148.251.53.118
151.101.14.133
172.217.23.98
2606:4700:3035::ac43:c3a0
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:f820:425::3
44.239.233.229
5.9.10.165
95.140.236.130
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e55799a7b6fd5628f3b6117a96b63716fa3e1f9d166ca1a3d1526a829a6b7f
07ed686f1bd077aa87d839427fc1785524d2d5ea942e0dd20bbdafa98bdfb44b
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
125c906356e6da5c21d4e42cb7a8f6bdc7dd246439425fb0b21427bf711fa649
13ce26a16a7f42afd0e61c3a3f6cc69c446375a552398ee8ecbc7096b5dab6a5
157c78ec37f5b5250cfa4282b6ba21507ef15d379ac450354b7425b95a21e5a9
1c282935b69b1b8cbb25a4efe19c0639a9200a5c041c885807fd804dcd1629f8
1c6786a0ba78045e5ed921459a722b6b9d68c6abebed9f8d11f5a73cd333deab
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
2379959a22cd3e17009d3d8391377785ac80d40ab836687acd99f8f7dd75123c
253638abc9dba528b53258a1da09ef5f6bccb02d4d7c4bbc172ae07eaf72b11c
26861d78c3dacefb64dfd3f7aec3a3be5778138274823edf57fc418172c2556b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
331b98fb796877e585822c176cee5dd048adeb64500e79286b2b9bd85b55e278
3a2d09f5fc7226a77c23d774bc83b118ca85e2c76a547db9581b3f4e0029261f
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
4776f6c55af827f8042c1cf9cd77a6ce64efbba1f8ab8f7b1aeccf14d3e3f129
47d0fb9951a509e50996f670b4f5950340f842def39af3d06af286f58cc0aff0
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4c52dc85917b8a9df3304f008b98d6b7eb4cb4404928f88b55432db53d5c694c
4d661eb57b8a2b456c8c3542171f14e35941b0eacb13745b0d8346c81dfbe3a2
4de386181543637d4513d50941ca055569b04bac761a7c0a94d52933a04da114
4ea6929851eb5e7650a2def3c2d32f5a8f09d0c6179977deeaa4e900528e5f60
4eb36b4ee54c1737b5489d7b05d3c88a9914c5828fbb7bb358165cee347437e8
4ec12e4d0fb3f80148992b9bbe979a7b7ff758017cdb79d73a820f914281cf04
531066f916c0d0c983b091a5acac71d48d29003395d52d577b35f9e4b2589b0e
5366a62f1d6e597baa82df2aaf0a4b0436a74eb77cdfb7c057de9a112af39668
59e054acacbce0cfc6b7329639eb4ad898676b507b93a2b8a843ec7b5bd61202
5eaca3b397465e620123087585349af453a0948bfac1534e5af95b0deb806a74
5f7a3db81d16a32cfcf48e513b58f2111a365840a339798b8079cf68299515db
650fd471f07aa4a9c5f366739cbd74c3cb8b0cfb9d227c8df9b19ebe280d5363
65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6fce823a0d1d3e7fc8004eb9ef0f4d84fc6e53119d1648a3f31743dfba900d0d
70b0768d793bc792cd39e2c7344723829ee9e9789e2267ed8403502131997b67
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
742d45174f87049d5a8ab89a2c97100b91520fb8e947c6b0e015ddb64b84a4d4
88413e9da5b59b4976312fded3957047ad987f1b254916426e2fe96e167f7d79
8e9945d7ebf431506391edb3431741c9007f4248bbb09dd451f54d67da1ef01e
8f65891d2875887853b4f768f4988a53043514d21defeef43d7331c66d2361bd
92babb8f3456144f0b0e5011974209d8d78a9864ac15ffdeb36d6c4facadc6be
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
94d3dd0782f347744d697af65457ec2b5d2cf770e1d7ce85aff3e00afd79a162
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
9d86c8e2d7d510e205b1cdce8d6072f1f9546b6eec8575ca1aff590b94d17321
9fc00c599aa0902fa44e23d4ab87ffeb9fbaa747e095275f985f0b771494cb12
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2256d7b183f7bfaa48e54c0873e21a266ab8f7d48aade1efe41179b8036a505
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d4639aab248e60f0134b4fbe21ad94db5b079f170e40f5d58e27eea7add427
a8b0018c32528afdd176315ff63452e47d3f912d1881a230ddc48d2604788c9a
ac423b2641f75e165507eb25380ba5e5e01f20a3827865b7c996367400c64a20
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b13674337c0507935efb569e0e17c718c83c604a9410e343520db2249ca133dd
b806215646a993ac4420aa7f97ab4995365a2d734f6b01bc8976f430af570f01
b898c81de9e08d0e5d71886604218e3876e77d123e75071f4657e5e8b3c39972
c0d80a3b13d197b70021100595dca269e9397406d471e2ccbafc4e09897e9bb1
c262f27abcd636af1c3c20b4b19c55e28b206e29b4c75269d3f1aed51710f81a
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c693d2fa00397a991e491562ae6926062e37546c91fc7181180660d44c5f7a1c
c7c787516f199fb142c07f23812292e03903ae3c43e481d7b4ee4aeef53fa795
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1
cad40e4825640461c5fabaf7112e150acdf88d61536e7ec12fd96dd0c654eef2
cd5149cd6f510a974d58194fde5e095bc0472b91fda3f5616dd7653bd6a79c40
ce1e17d0b803f89d349167f93d4694d21bda492179ca265b10bb6cd7b0162e79
cfa4fc594ac3fe337d1345d90cfa4e62ff956299c9f1c50c6a86058cdffe3871
d284bd418bf30e8d82d9aaf0eeae47d3849fec189e61d2be0bd75bf33ce16651
d40c1fe8ef73417a2b973c548cc09ec237557039d8d421d5aa3ebb1b0d97b764
d53e2f6f81cbfcff5b082409553822dc4998a6df9a36e15fa4e988b690faeff7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e886ca7137283c676a0af2a3e2f120df39d976823726e6216d95f738b140d242
e9cb36feceb77c8384d980b8bc1ad9df00fd5f26eb96296b3aca70da4882ecd6
ea23e6a58a0494ef80c20dc56ede92d9ee1c4621500a0ec86ae71d5f9ac21dae
ee40f64f02399f80d11bd73f0c366c451d09c1e07f4c749e79cc8bf1f69a54ee
efae543cf72bafecd8d2b7ccf25a2c8b089509fd40f3d9df2c4f666b7ee9d57e
f43f70114d42f5fd84c937506790e3e305066c624bc486e5a354ea710f781735
f6e77073b99ffa771ca6b7facd1a183e0770d43a37f39ade81380446172e503b

hitsxcash.com Open in urlscan Pro 2606:4700:3035::ac43:c3a0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

103 Requests

65 %HTTPS

60 %IPv6

13 Domains

21 Subdomains

21 IPs

2 Countries

2366 kBTransfer

3505 kBSize

7 Cookies

5 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hitsxcash.com Open in urlscan Pro
2606:4700:3035::ac43:c3a0 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

65 %
HTTPS

60 %
IPv6

13
Domains

21
Subdomains

21
IPs

2
Countries

2366 kB
Transfer

3505 kB
Size

7
Cookies

103 HTTP transactions
8 data transactions