Submitted URL: http://signaturebannerads.com/
Effective URL: https://hitsandcash.com/signaturebannerads/
Submission: On May 19 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 14 domains to perform 20 HTTP transactions. The main IP is 151.106.100.77, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is hitsandcash.com.
TLS certificate: Issued by R3 on April 22nd 2024. Valid for: 3 months.
This is the only time hitsandcash.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.142.173 16509 (AMAZON-02)
4 151.106.100.77 47583 (AS-HOSTINGER)
5 99.86.4.79 16509 (AMAZON-02)
1 172.67.74.109 13335 (CLOUDFLAR...)
1 184.164.131.234 20454 (SSASN2)
1 199.232.192.193 54113 (FASTLY)
1 194.145.180.52 24971 (MASTER-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.251.111.202 6461 (ZAYO-6461)
1 192.185.28.200 19871 (NETWORK-S...)
1 50.28.104.67 53824 (LIQUIDWEB)
1 74.118.181.235 46309 (TONAQUINT-DC)
1 52.117.55.82 36351 (SOFTLAYER)
20 13

Subject | Issuer | Validity | Valid
hitsandcash.com | R3 | 2024-04-22 - 2024-07-21 | 3 months
static.secure.website | Amazon RSA 2048 M02 | 2023-11-28 - 2024-12-25 | a year
sfimg.com | E1 | 2024-05-06 - 2024-08-04 | 3 months
instantbannercreator.com | cPanel, Inc. Certification Authority | 2024-05-15 - 2024-08-13 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-15 - 2025-02-14 | a year
www.mlmgateway.com | Sectigo RSA Organization Validation Secure Server CA | 2024-01-24 - 2025-01-24 | a year
*.googleusercontent.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
misc-sni.blogspot.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
7dollarpayments.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-28 - 2024-11-27 | a year
*.mlmrecruitondemand.com | R3 | 2024-03-20 - 2024-06-18 | 3 months
freeadvertisingforyou.com | cPanel, Inc. Certification Authority | 2024-04-21 - 2024-07-20 | 3 months
topsurfer.com | R3 | 2024-04-09 - 2024-07-08 | 3 months
static.easyhits4u.com | R3 | 2024-04-19 - 2024-07-18 | 3 months

This page contains 1 frame:

Primary Page: https://hitsandcash.com/signaturebannerads/
Frame ID: BA47E0D2F6F2656F74EC2AD3BC348C04
Requests: 20 HTTP requests in this frame

Page Title

SIGNATURE BANNER ADS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <img [^>]*src="[^/]*//[^/]*eway\.com

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 14 %
Domains: 14
Subdomains: 14
IPs: 13
Countries: 4
Transfer: 12296 kB
Size: 12278 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://signaturebannerads.com/ HTTP 307
    https://signaturebannerads.com/ HTTP 307
    http://signaturebannerads.com/ HTTP 301
    https://hitsandcash.com/signaturebannerads/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hitsandcash.com/signaturebannerads/
Redirect Chain
  • http://signaturebannerads.com/
  • https://signaturebannerads.com/
  • http://signaturebannerads.com/
  • https://hitsandcash.com/signaturebannerads/
11 KB
3 KB
Document
General
Full URL
https://hitsandcash.com/signaturebannerads/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.100.77 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl85.hosting24.com
Software
LiteSpeed /
Resource Hash
195cf00de1d6da1aa9a18be18c1bcd5d2dc6b7df3ba2834a71014a92c01d2c35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
2993
content-type
text/html
date
Sun, 19 May 2024 10:34:17 GMT
last-modified
Fri, 17 May 2024 14:06:47 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
78
Content-Type
text/html; charset=utf-8
Date
Sun, 19 May 2024 10:34:17 GMT
Location
https://hitsandcash.com/signaturebannerads/
Server
ip-100-74-4-151.eu-west-2.compute.internal
Vary
Accept-Encoding
X-Request-Id
dc1eaafa-444b-4c9a-a036-57685c0a8f75
dreams-are-meant-to-be-achieved.gif
files.secure.website/wscfus/10781167/32403717/
37 KB
37 KB
Image
General
Full URL
https://files.secure.website/wscfus/10781167/32403717/dreams-are-meant-to-be-achieved.gif
Requested by
Host: hitsandcash.com
URL: https://hitsandcash.com/signaturebannerads/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb7bf433c6b02b44756dc3bb21fe5b873453c71f5f8d57dba8be4f226a4c3611

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 03:27:22 GMT
x-amz-version-id
null
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2024 06:44:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
198416
etag
"ba6bc3674a84ddbc6add3900ef904871"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37466
x-amz-cf-id
Tx9PvFNuB7-_W3n1AT42fczy5sg7IYSOE6jNgUo28QGpCBhLCAuVtw==
banners.txt
hitsandcash.com/signaturebannerads/
2 KB
1 KB
Fetch
General
Full URL
https://hitsandcash.com/signaturebannerads/banners.txt
Requested by
Host: hitsandcash.com
URL: https://hitsandcash.com/signaturebannerads/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.100.77 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl85.hosting24.com
Software
LiteSpeed /
Resource Hash
3d84a5365ccefe51c255bce10d7672a9b25f44e00d51d4695a498196b7d3c583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/signaturebannerads/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 19 May 2024 06:49:54 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/plain
accept-ranges
bytes
content-length
1217
x-xss-protection
1; mode=block
favicon.ico
hitsandcash.com/
1 KB
1 KB
Other
General
Full URL
https://hitsandcash.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.100.77 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl85.hosting24.com
Software
LiteSpeed /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/signaturebannerads/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 10:34:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
LiteSpeed
vary
User-Agent
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1251
x-xss-protection
1; mode=block
add-a-heading-4.gif
files.secure.website/wscfus/10781167/32447433/
2 MB
2 MB
Image
General
Full URL
https://files.secure.website/wscfus/10781167/32447433/add-a-heading-4.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eed8d616a11691309fbf1e986d60597f90e04ebf784931ea461ec5fd77789c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 05:49:25 GMT
x-amz-version-id
null
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified
Sun, 19 May 2024 05:36:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
17093
etag
"3a8a5dcf7108688e5df53ea9d7e04cfe"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2116259
x-amz-cf-id
Ca8uGF_YXYv59oLmdKprHYHR9TN72eyNqTJjluqjZcAP85DY83EAmw==
video-marketing-2.gif
files.secure.website/wscfus/10781167/32415829/
173 KB
174 KB
Image
General
Full URL
https://files.secure.website/wscfus/10781167/32415829/video-marketing-2.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d58ebbf6f285b202c3ba0ddc1a9bd299353a3bf9d632f38ff6f483ba8c17705f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 10:08:33 GMT
x-amz-version-id
null
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified
Wed, 01 May 2024 01:08:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
87944
etag
"499da034eed7922639c9648cb41994e7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
177431
x-amz-cf-id
0l-EiwhauRmGoDu08-JcmQQfG7yM7SPf5-6Gg_T1IVL1WxrzHJQdpw==
its-raining-25-payments-1.gif
files.secure.website/wscfus/10781167/32421200/
9 MB
9 MB
Image
General
Full URL
https://files.secure.website/wscfus/10781167/32421200/its-raining-25-payments-1.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f4fdf629b898b46bcf63b05ac2fca4611dc2877d42b642f15547b83ef457d54

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:03:59 GMT
x-amz-version-id
null
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2024 21:33:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
271819
etag
"c4fb5a5f27ff13cb69122f5244111b3b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9383590
x-amz-cf-id
hGqRSy6yZzQkIGyhlKxqSSgqttnCYDr03ivhkMan9VZNDTFVfc_VDA==
1.gif
hitsandcash.com/banners/
5 KB
5 KB
Image
General
Full URL
https://hitsandcash.com/banners/1.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.106.100.77 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl85.hosting24.com
Software
LiteSpeed /
Resource Hash
ae2e837436e897edfe51d23c2f46e469dab455f36961e024880275b6c69077b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/signaturebannerads/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 30 Jun 2002 15:15:20 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4712
x-xss-protection
1; mode=block
expires
Sun, 26 May 2024 10:34:17 GMT
banner414.jpg
www.sfimg.com/SFIBanners/
14 KB
15 KB
Image
General
Full URL
https://www.sfimg.com/SFIBanners/banner414.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14946059006cc94c349a997c68a25d1307f901f327c9aff3af8633abf7b5ecf5
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:18 GMT
strict-transport-security
max-age=31540000
cf-cache-status
MISS
last-modified
Wed, 01 Jul 2020 16:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5efcc07b-396b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CynaGOcAtso7YzNwlTY4R4FJs5Did3OnHoy1%2BX6AA7ziwWbkM0KDg30QuBLzjpVtGLvq6qFSQ%2FJ6otoCygKN%2B96g4LtDGAwjnGYHlQJUqtldJiu9p78vgwBvLYesPP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
88636f044fec9073-FRA
alt-svc
h3=":443"; ma=86400
content-length
14699
banner-23802.png
www.instantbannercreator.com/images/members/85184/
22 KB
22 KB
Image
General
Full URL
https://www.instantbannercreator.com/images/members/85184/banner-23802.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.164.131.234 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
lfmserver.com
Software
Apache /
Resource Hash
7c42851412a531c4ab7d6172385904002f0c525002f8bf25d9401b7ba05c62f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 19 May 2024 10:34:18 GMT
Last-Modified
Tue, 06 Apr 2021 12:52:13 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
22379
Content-Type
image/png
iCJW9NL.jpg
i.imgur.com/
9 KB
9 KB
Image
General
Full URL
https://i.imgur.com/iCJW9NL.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
62c70ff7b6851f9c6f4a22e95704fa3219f4b57dc734a2cb52fe327ac645f70e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:17 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
ATL58-P8
age
163609
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
8721
x-served-by
cache-iad-kiad7000063-IAD, cache-fra-etou8220143-FRA
last-modified
Fri, 17 May 2024 13:07:30 GMT
server
cat factory 1.0
x-timer
S1716114858.637742,VS0,VE2
etag
"c51b4761c9069f137331d7ab7efe28ed"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
V9F6bANrpuekP_rPUgpPt_LMUkdrsdf-rRyuEEj7M8vaNbiNWD062g==
x-cache-hits
17, 0
468x60.gif
www.mlmgateway.com/images/banners/mlmgateway/
51 KB
52 KB
Image
General
Full URL
https://www.mlmgateway.com/images/banners/mlmgateway/468x60.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.145.180.52 , Czech Republic, ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ),
Reverse DNS
194-145-180-52.static.masterinter.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
b6bf0fa37ad049ee23936d04fdba22b310d2b0bdb823556e4bbeda186892d187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 19 May 2024 10:34:17 GMT
Strict-Transport-Security
max-age=31536000; preload
Last-Modified
Thu, 02 Jun 2016 09:35:10 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"ccc8-53448528bf241"
Vary
User-Agent
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
52424
/
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7KYb4Zzx8GbFZvcb47zKAqWua_ykeR-TbZ_jA3MS-dlwuhia6s7XSRzAHjSxuj9ak75rwFHFS6WJsQSJm9Xj2JtkbHRMoWJgiy6o8ggt9Wn_EhERJpT7QQaflLZlGrod9zDXnhDW0ckcXSmXP...
45 KB
45 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7KYb4Zzx8GbFZvcb47zKAqWua_ykeR-TbZ_jA3MS-dlwuhia6s7XSRzAHjSxuj9ak75rwFHFS6WJsQSJm9Xj2JtkbHRMoWJgiy6o8ggt9Wn_EhERJpT7QQaflLZlGrod9zDXnhDW0ckcXSmXPGyCHXFmXvKtmBu9DjmVLteb0XSsUzIbD-CLNSMv4/w640-h80/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aba79eb03a7ff56c27983f867ba53604b8599b88708dd980e35b8d3a5a5c732b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v8c5"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fway. (1).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45653
x-xss-protection
0
expires
Mon, 20 May 2024 10:34:18 GMT
WAYLOADED.gif
1.bp.blogspot.com/-vJX2vt_4JfY/Xy4TmpSNhuI/AAAAAAAAGFs/KNWUKYka3z4iIFg2HBA8I9b4-2eHVKrLgCLcBGAsYHQ/s728/
243 KB
243 KB
Image
General
Full URL
https://1.bp.blogspot.com/-vJX2vt_4JfY/Xy4TmpSNhuI/AAAAAAAAGFs/KNWUKYka3z4iIFg2HBA8I9b4-2eHVKrLgCLcBGAsYHQ/s728/WAYLOADED.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8a3bd0720eb79aea6fcef3ff4db8f0d82d61412c338963362712e12c3d8db6a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 07:00:13 GMT
x-content-type-options
nosniff
age
12844
content-disposition
inline;filename="WAYLOADED.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248648
x-xss-protection
0
server
fife
etag
"v185c"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 May 2024 07:00:13 GMT
ff468.gif
7dollarpayments.com/images/
77 KB
77 KB
Image
General
Full URL
https://7dollarpayments.com/images/ff468.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.251.111.202 Toronto, Canada, ASN6461 (ZAYO-6461, US),
Reverse DNS
cp2.hostsilo.com
Software
LiteSpeed /
Resource Hash
b0ec6beb1c7237518025e8b1a390e1cab751c4599e3176b98322f4fa4d2495eb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:17 GMT
last-modified
Wed, 06 Mar 2024 17:37:43 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
78912
expires
Sun, 26 May 2024 10:34:17 GMT
468X60_1.png
www.mlmrecruitondemand.com/banners/
33 KB
33 KB
Image
General
Full URL
https://www.mlmrecruitondemand.com/banners/468X60_1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.28.200 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-28-200.unifiedlayer.com
Software
Apache /
Resource Hash
9961f55b088495c09a21fe9a9433c2c98fe0165960c61568821b1331fb9381cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:18 GMT
last-modified
Wed, 17 Sep 2014 01:06:30 GMT
server
Apache
accept-ranges
bytes
content-length
33362
content-type
image/png
FAFY-banner468x60-1.gif
freeadvertisingforyou.com/images/
185 KB
186 KB
Image
General
Full URL
https://freeadvertisingforyou.com/images/FAFY-banner468x60-1.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
50.28.104.67 , United States, ASN53824 (LIQUIDWEB, US),
Reverse DNS
host.freeadvertisingforyou.com
Software
Apache /
Resource Hash
736ab1d6cb90d6dca22dae24f9236bbb59f87a03d32eec8988844a9eac8cec05
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 19 May 2024 10:34:18 GMT
Content-Security-Policy
upgrade-insecure-requests;
Last-Modified
Thu, 09 Nov 2017 20:10:44 GMT
Server
Apache
ETag
"2e5d0-55d9266271900"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
189904
Expires
Tue, 18 Jun 2024 10:34:18 GMT
161451_1687154918.gif
topsurfer.com/members/bannerimg/
42 KB
43 KB
Image
General
Full URL
https://topsurfer.com/members/bannerimg/161451_1687154918.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.181.235 , United States, ASN46309 (TONAQUINT-DC, US),
Reverse DNS
top.tesblast.com
Software
Apache/2.4.6 /
Resource Hash
eeff80916623740224cdb9b8c26d6680593992611e3a64744c11a2b0cca3160d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 19 May 2024 10:34:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Jun 2023 06:08:38 GMT
Server
Apache/2.4.6
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=2592000
Feature-Policy
geolocation 'self'; vibrate 'none'
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43345
X-XSS-Protection
1; mode=block
Expires
max-age=2592000, public
1830078.gif
static.easyhits4u.com/user/banners/18/78/
33 KB
33 KB
Image
General
Full URL
https://static.easyhits4u.com/user/banners/18/78/1830078.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
1b83e7c624e258bcf515dfa9ccf75f4b5d5fdb6d4915524ddf73b47df7401802

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:34:17 GMT
last-modified
Wed, 15 May 2024 11:29:05 GMT
server
nginx
etag
"66449c81-8318"
content-type
image/gif
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=1209600
accept-ranges
bytes
content-length
33560
expires
Sun, 02 Jun 2024 10:34:17 GMT
dreams-are-meant-to-be-achievedpppppppppppiiii.gif
files.secure.website/wscfus/10781167/32444155/
66 KB
66 KB
Image
General
Full URL
https://files.secure.website/wscfus/10781167/32444155/dreams-are-meant-to-be-achievedpppppppppppiiii.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c10445daabfe1e19d833a47d5210e89f62e53fcf2e9eaaaeafd8e5e83a753d66

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hitsandcash.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 04:29:05 GMT
x-amz-version-id
null
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified
Thu, 16 May 2024 21:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
194713
etag
"4d54673c855668eb448377ad4444cc4e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
67470
x-amz-cf-id
sxbfxXTGg0BKEATAk4IZ5ovKIE4Ccwol_UbNzyytH9C98rfWv1N45A==

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | showSuccessMessage
function | scrollToTop
function | loadBanners
function | isOneHourPassed
function | setLastSubmissionTime
function | getLastSubmissionTime

0 Cookies

5 Console Messages

Source Level URL
Text
security warning URL: https://hitsandcash.com/signaturebannerads/
Message:
Mixed Content: The page at 'https://hitsandcash.com/signaturebannerads/' was loaded over HTTPS, but requested an insecure element 'http://www.sfimg.com/SFIBanners/banner414.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hitsandcash.com/signaturebannerads/
Message:
Mixed Content: The page at 'https://hitsandcash.com/signaturebannerads/' was loaded over HTTPS, but requested an insecure element 'http://www.instantbannercreator.com/images/members/85184/banner-23802.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hitsandcash.com/signaturebannerads/
Message:
Mixed Content: The page at 'https://hitsandcash.com/signaturebannerads/' was loaded over HTTPS, but requested an insecure element 'http://www.mlmgateway.com/images/banners/mlmgateway/468x60.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hitsandcash.com/signaturebannerads/
Message:
Mixed Content: The page at 'https://hitsandcash.com/signaturebannerads/' was loaded over HTTPS, but requested an insecure element 'http://7dollarpayments.com/images/ff468.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://hitsandcash.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
