xyupload.com Open in urlscan Pro
2606:4700:3030::ac43:a128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Submission: On September 16 via manual (September 16th 2021, 5:52:58 am UTC) from IN — Scanned from DE

Summary HTTP 83 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 29 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3030::ac43:a128, located in United States and belongs to CLOUDFLARENET, US. The main domain is xyupload.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 17th 2021. Valid for: a year.

This is the only time xyupload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3030::ac43:a128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.15 139.45.197.15	9002 (RETN-AS) (RETN-AS)
4 9	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
6	109.206.162.83 109.206.162.83	50245 (SERVEREL-AS) (SERVEREL-AS)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	139.45.197.235 139.45.197.235	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	154.51.131.141 154.51.131.141	174 (COGENT-174) (COGENT-174)
1	2a00:1450:400... 2a00:1450:400d:805::200a	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:ec6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.89 139.45.197.89	9002 (RETN-AS) (RETN-AS)
5	94.31.29.128 94.31.29.128	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3036::ac43:a640	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1 6	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.168.193.183 108.168.193.183	36351 (SOFTLAYER) (SOFTLAYER)
83	30

12 2606:4700:3030::ac43:a128 (United States)

ASN13335 (CLOUDFLARENET, US)

xyupload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 173.192.101.24 (Dallas, United States) 4 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p336138.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net

mailwithcash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stagepopkek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ilusors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.235 (United Kingdom)

ASN9002 (RETN-AS, GB)

native.propellerclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 154.51.131.141 (Windsor, United Kingdom)

ASN174 (COGENT-174, US)

tags.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bidder.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:ec6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.89 (United Kingdom)

ASN9002 (RETN-AS, GB)

hoawhaum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

p336138.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

otrwaram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a640 (United States)

ASN13335 (CLOUDFLARENET, US)

f.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.132.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.183 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com

xyuploadcom.imageshack.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	xyupload.com xyupload.com	137 KB
7	h12-media.com tags.h12-media.com f.h12-media.com bidder.h12-media.com	257 KB
6	mgid.com 1 redirects c.mgid.com s-img.mgid.com	71 KB
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	1 KB
5	mycdn.co p336138.mycdn.co	203 KB
5	cloudflare.com cdnjs.cloudflare.com	56 KB
5	mybetterdl.com mybetterdl.com	124 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	91 KB
4	clksite.com 4 redirects p336138.clksite.com clksite.com	466 B
3	hoawhaum.net hoawhaum.net	1 KB
3	gstatic.com fonts.gstatic.com	55 KB
3	stagepopkek.com stagepopkek.com	43 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
3	in-page-push.com in-page-push.com	31 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	2 KB
2	onmarshtompor.com onmarshtompor.com	3 KB
2	otrwaram.com otrwaram.com	23 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
2	rtmark.net my.rtmark.net	1 KB
2	mailwithcash.com mailwithcash.com	29 KB
1	imageshack.host xyuploadcom.imageshack.host	489 B
1	adtelligent.com ghb.adtelligent.com	856 B
1	cdnativepush.com static.cdnativepush.com	3 KB
1	bncloudfl.com cdn.bncloudfl.com	4 KB
1	ilusors.com ilusors.com	190 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	propellerclick.com native.propellerclick.com
1	jsdelivr.net cdn.jsdelivr.net	4 KB
0	eergaroa.com Failed eergaroa.com Failed
83	29

	Domain	Requested by
12	xyupload.com	xyupload.com static.cloudflareinsights.com
5	s-img.mgid.com	bidder.h12-media.com
5	p336138.mycdn.co	p336138.clksite.com p336138.mycdn.co clksite.com
5	cdnjs.cloudflare.com	xyupload.com
5	mybetterdl.com	xyupload.com p336138.mycdn.co
4	tags.h12-media.com	xyupload.com tags.h12-media.com
4	maxcdn.bootstrapcdn.com	xyupload.com maxcdn.bootstrapcdn.com
3	hoawhaum.net	xyupload.com
3	fonts.gstatic.com	fonts.googleapis.com
3	stagepopkek.com	xyupload.com stagepopkek.com
3	in-page-push.com	xyupload.com in-page-push.com
2	bidder.h12-media.com	tags.h12-media.com
2	ads.us.e-planning.net	1 redirects
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	onmarshtompor.com	otrwaram.com
2	otrwaram.com	xyupload.com
2	ssl.google-analytics.com	xyupload.com
2	clksite.com	2 redirects
2	my.rtmark.net	in-page-push.com onmarshtompor.com
2	fonts.googleapis.com	xyupload.com
2	mailwithcash.com	xyupload.com mailwithcash.com
2	p336138.clksite.com	2 redirects
1	xyuploadcom.imageshack.host
1	c.mgid.com	1 redirects
1	ghb.adtelligent.com	tags.h12-media.com
1	bidder.criteo.com	tags.h12-media.com
1	f.h12-media.com	tags.h12-media.com
1	static.cdnativepush.com
1	cdn.bncloudfl.com	xyupload.com
1	ilusors.com	mailwithcash.com
1	ajax.googleapis.com	xyupload.com
1	static.cloudflareinsights.com	xyupload.com
1	native.propellerclick.com	xyupload.com
1	cdn.jsdelivr.net	xyupload.com
0	eergaroa.com Failed	xyupload.com
83	36

This site contains links to these domains. Also see Links.

Domain
www.repaircontact.com
en.gravatar.com
hotarucms.org
sigmakom.com
vida.mk
www.intango.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-17` - `2022-04-16`	a year	crt.sh
in-page-push.com R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.mybetterdl.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-26` - `2022-04-26`	a year	crt.sh
mailwithcash.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
stagepopkek.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
propellerclick.com R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.h12-media.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-07` - `2021-09-18`	a year	crt.sh
ilusors.com R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
hoawhaum.net R3	`2021-07-28` - `2021-10-26`	3 months	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-10-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
otrwaram.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
cdnativepush.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
onmarshtompor.com R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-10` - `2021-11-08`	3 months	crt.sh
*.imageshack.host Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-03`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Frame ID: DBEFB08C41865C698433673D170716FD
Requests: 62 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/937/cd4/51a/937cd451aeb6215d274b679dd0c53ba2b7a09601.gif
Frame ID: 552E60B0F1A2FEF7DBF44728A7B767B3
Requests: 2 HTTP requests in this frame

Frame: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A212%3A78e%3A30%3A%3A1%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22lnzuxr11m39%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A5%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C2075%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.4159235455650778
Frame ID: A1F47931374F1B2C0DC6AF855A5A2E2C
Requests: 9 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=780e76e1149140889fcd85c90cedf7e8&oaidts=1631771574
Frame ID: 0FF50C85E5AF1EC24EF142ACD4BD58E1
Requests: 2 HTTP requests in this frame

Frame: https://bidder.h12-media.com/iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
Frame ID: 1A7AACABD0193686407EC3C55D1DF4E5
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Easy Ways To Fix QuickBooks 2021 Will Not Export To Excel « xyupload.com

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

83
Requests

98 %
HTTPS

45 %
IPv6

29
Domains

36
Subdomains

30
IPs

7
Countries

1191 kB
Transfer

3180 kB
Size

33
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.repaircontact.com/quickbooks-2021-will-not-export-to-excel.php
Title: Easy Ways To Fix QuickBooks 2021 Will Not Export To Excel

Search URL Search Domain Scan URL

URL: https://en.gravatar.com/
Title: Get Gravatar

Search URL Search Domain Scan URL

URL: http://hotarucms.org/

Search URL Search Domain Scan URL

URL: http://sigmakom.com/
Title: sigmakom.com

Search URL Search Domain Scan URL

URL: http://vida.mk/
Title: VIDA.mk

Search URL Search Domain Scan URL

URL: http://www.intango.com/adinfo/
Title: Page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://p336138.clksite.com/adServe/banners?tid=336138_739198_2 HTTP 301
https://mybetterdl.com/adServe/banners?tid=336138_739198_2

Request Chain 12

https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true HTTP 301
https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true

Request Chain 45

https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5 HTTP 301
https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5

Request Chain 46

https://clksite.com/adServe/banners?tid=336138_654829_1&tagid=2 HTTP 301
https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2

Request Chain 64

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxyupload.com%2F&domain=xyupload.com&gdprString=CPMnJUfPMnJUfAcACBENBVCsAP_AAH_AACiQHsNf_X__b39j-_59__t0eY1f9_7_v-0zjhfdt-8N2f_X_L8X42M7vF36pq4KuR4Eu3LBIQNlHOHUTUmw6okVrTPsak2Mr7NKJ7LEinMbe2dYGHtfn91TuZKYr_78_9fz__-__v___9f3r-3_3__p9X---_e_V399xLv9__wPVAJMNS-ACzEscGSaNKoUQIQrCQ6AUAFFCMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAAAAAAAAA&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=FEvKKHxLWWdXVWRrZ3FpUXFzSUx5UGpENjlBSS9UazdJNkFxQ2Rid0pEdGprQzZqYTlZSnJ6QXpkRUNmbjhBZkhwNlV6eW1UbFZaYXZCMVRqS3NlYWdscHhWb1Z6aTB6UVoxWWU2dW05UERpano1L1B3TlpMR0FwZlVLckZDSXY0U20wd05vT0pBZDl4TnpIckdjZk1wQUJWdE1VZDhaY0lDZTllVnY3Vjlqb29mUGVoOWpMaDdidkJ1RDRUSk0vMUVmNFpFNFkrY3NPcGNySGt2dFgwc0d6QVFQdDFHZUNvRW05Mm4rSWlhZXRvNDZnPXw&cppv=2

Request Chain 65

https://ads.us.e-planning.net/pbjs/1/2d2a6/1/xyupload.com/ROS?rnd=0.119616918668223&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&gdpr=1&gdprcs=CPMnJUfPMnJUfAcACBENBVCsAP_AAH_AACiQHsNf_X__b39j-_59__t0eY1f9_7_v-0zjhfdt-8N2f_X_L8X42M7vF36pq4KuR4Eu3LBIQNlHOHUTUmw6okVrTPsak2Mr7NKJ7LEinMbe2dYGHtfn91TuZKYr_78_9fz__-__v___9f3r-3_3__p9X---_e_V399xLv9__wPVAJMNS-ACzEscGSaNKoUQIQrCQ6AUAFFCMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAAAAAAAAA&pubcid=62acced1-4488-491b-87f2-5adeb3639e52 HTTP 302
https://ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.119616918668223&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&gdpr=1&gdprcs=CPMnJUfPMnJUfAcACBENBVCsAP_AAH_AACiQHsNf_X__b39j-_59__t0eY1f9_7_v-0zjhfdt-8N2f_X_L8X42M7vF36pq4KuR4Eu3LBIQNlHOHUTUmw6okVrTPsak2Mr7NKJ7LEinMbe2dYGHtfn91TuZKYr_78_9fz__-__v___9f3r-3_3__p9X---_e_V399xLv9__wPVAJMNS-ACzEscGSaNKoUQIQrCQ6AUAFFCMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAAAAAAAAA&pubcid=62acced1-4488-491b-87f2-5adeb3639e52

Request Chain 75

https://c.mgid.com/c?pv=2&v=0|0|0|mmaR3q6xKhu8PkG49HC8e_gv0QM5XZOb0ny_ggD2dUb4sJ7rJi4bN1eX6FJPGQDK&cid=1056819&f=1&h2=6ByAVn8qW3qBJXZTwx0IeoQQtQY-vO2_oDLBb86WAx8*&rid=560a25e9-16b2-11ec-a8c3-e4434b374c12&psid=784654&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzkyODYzMzcvMzI4eDMyOC8tL2FIUjBjRG92TDJOc0xtbHRaMmh2YzNSekxtTnZiUzlwYldkb0wybHRZV2RsTDJabGRHTm9MMkZ5WHpFNk1TeGpYMlpwYkd3c1pWOXphR0Z5Y0dWdU9qRXdNQ3htWDJwd1p5eG5YMlpoWTJWek9tRjFkRzhzZDE4NU5qQXZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qRXRNRFV2TkRNd05EZzBMemRrWW1Wa1pURmxPVEExWlRZMVltUTBPREEwT1RNMFlXUXdNV0U1TmpnMkxtcHdaV2Mud2VicD92PTE2MzE3NzE1NzQtdW5HRGdyVHdVNWdDYVo2SXdLaFo5M0tEM0l0SVFuTXRuT0JqYVkybXNaaw== HTTP 301
https://s-img.mgid.com/g/9286337/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDUvNDMwNDg0LzdkYmVkZTFlOTA1ZTY1YmQ0ODA0OTM0YWQwMWE5Njg2LmpwZWc.webp?v=1631771574-unGDgrTwU5gCaZ6IwKhZ93KD3ItIQnMtnOBjaY2msZk

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/ 298 KB
72 KB 1027ms
977ms Document
text/html 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 148d0f79a488658a0eb9112e8f509dfb2b9dc3f403694d305c6ac4759d874228

Request headers

:method: GET
:authority: xyupload.com
:scheme: https
:path: /easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 16 Sep 2021 05:52:52 GMT
content-type: text/html; utf8_unicode_ci;charset=UTF-8
x-powered-by: PHP/5.3.3
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; path=/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndMHUvMHjbFLoJUEaAILV8dyfk6kGVhls8CfWyb1vfikZwKgzTv6jsj2faH9M4jpCM9P0jpgGpXZJJIA5C6iJ5g6vmNQKPR18D9rnT2baI4GPafdV1G9Y2wMhw%2F5nSw4Ei6txR65eZkYWlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68f7d4c0adfa4abd-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 3680812 Show response
in-page-push.com/400/ 84 KB
30 KB 63ms
22ms Script
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/400/3680812

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ef5b19f00d99790b3ae72b877e77a601d3d42c87e9fcfc8b8918c7428eab206b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 21573f1e736a4cd3063f66a21e43e0d0
pragma: no-cache
date: Thu, 16 Sep 2021 05:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

banners Show response
mybetterdl.com/adServe/
Redirect Chain

https://p336138.clksite.com/adServe/banners?tid=336138_739198_2
https://mybetterdl.com/adServe/banners?tid=336138_739198_2

81 KB
31 KB

659ms
388ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterdl.com/adServe/banners?tid=336138_739198_2
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 3ab0d7ff87f9dfd69967824595b8f452493ed798d65d581612ff38c9a1ebe7a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://mybetterdl.com/adServe/banners?tid=336138_739198_2
date: Thu, 16 Sep 2021 05:52:52 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 tghr.js Show response
mailwithcash.com/aas/r45d/vki/1789854/ 68 KB
27 KB 91ms
12ms Script
application/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mailwithcash.com/aas/r45d/vki/1789854/tghr.js
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: eae07e608fb2a8262ae998424e55afe79d12808df1587e4c7a3c7c214700fbcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 15:15:35 GMT
server: nginx
etag: W/"6130ea97-10fdf"
vary: Accept-Encoding
content-type: application/javascript
timing-allow-origin: *

GET
H2 200 style.css
xyupload.com/content/themes/slightlyyellow/css/ 6 KB
2 KB 14ms
11ms Stylesheet
text/css 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xyupload.com/content/themes/slightlyyellow/css/style.css
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef311b836fc30fc9c7d6a0c75db64eafe1a0e572d315d1a41f6bd21821710acd

Request headers

:path: /content/themes/slightlyyellow/css/style.css
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116608
cf-polished: origSize=7524
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 14 Sep 2021 21:29:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oR9uqArzMKugBWJCM4dV84HHlv%2FagVwAg4%2BIZTXJCD0Hn9s39E6sr0BfmiEQpjohdZzL2tQPK%2FBKCiqu9f2MWHuyOUxl2Q0IicKko%2Fok6MeOXE51IJdl3%2BqPP74g8iS2DdvJPWDq4amJn%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 68f7d4c6fe844abd-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 34ms
14ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 15324654
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a9f1136dc57a7605179530d5ffb85493
cf-ray: 68f7d4c70ae26916-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
19 KB 42ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 15324998
cdn-cachedat: 2021-03-11 11:59:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3635dc8c77fba3315be6707289c4e04d
cf-ray: 68f7d4c70ae56916-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 summernote.min.css
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 10 KB
2 KB 37ms
19ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote.min.css

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed9119918adf7c9541d700ee80910ef8d0220ff312ebce648c5bec1e663fd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1997223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1821
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fde-296a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntzueh3PPTvkTSpteyXWs5bY7u199IY%2Fm2ASy1Mg0hXzBTWHibptLszqGUDW2ND5W8EB4j3qH2tnrIYv6Z1EJfZBW8Ok%2BWhhkLlJit7EJDw1aKV1e0UEYuTBP78BUFySBBwLn7zWQnzAj96NNQB0DuJp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f7d4c70f304ebc-FRA
expires: Tue, 06 Sep 2022 05:52:52 GMT

GET
H2 200 summernote-bs3.min.css
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 108 KB
13 KB 35ms
17ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote-bs3.min.css

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f115537e496e739219369c034a7f579774a7e280d9121d450b397e1fae14839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12472122
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12311
cf-request-id: 09a75dd52400002c3651aca000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fde-1af7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wtr16MVqx5%2FT22wUTXikyDXYB24%2BI4hteYBVz2xyEptxhwWvrOYHMJWo8etuK6ygs%2BzvUPj4pUzzDcnYyTNEWBShsy%2FKKxNkqywP3RbzpTjm%2FZEymKIQcxNT11jn3FBuCb7ztlqR%2BQJSP4XmruTw9hTY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f7d4c70f334ebc-FRA
expires: Tue, 06 Sep 2022 05:52:52 GMT

GET
H2 200 animate.min.css
cdn.jsdelivr.net/animatecss/3.2.0/ 56 KB
4 KB 24ms
6ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/animatecss/3.2.0/animate.min.css

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 570322
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4206
etag: W/"e088-Z3HZuX6HLe1CG5UU2FfQAcLxUuI"
x-served-by: cache-fra19150-FRA
date: Thu, 16 Sep 2021 05:52:52 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hotaru_css_1579520224.css
xyupload.com/cache/css_js_cache/ 10 KB
3 KB 16ms
14ms Stylesheet
text/css 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xyupload.com/cache/css_js_cache/hotaru_css_1579520224.css
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a93a80a679bc28da6416099aa8d16eff66be8b91e7e7f00f0e5e732f2b7edd9

Request headers

:path: /cache/css_js_cache/hotaru_css_1579520224.css
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477666
cf-polished: origSize=10651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Sep 2021 17:11:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f162eeYaTqxYfr9vE66lZpZCH1BIGnBzWOwRIg2A3yhjt4fSqo%2FKPLsgz%2BLn0TwbG%2B%2FPcvoL4pcbE%2FeExLvgVc3Zho2f4yw%2BWu2UavA37KC5rvmnMixqSAPGWNpLY7bNBMoyHp6csr06M1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 68f7d4c6fe874abd-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 252ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,700,300

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 04:25:36 GMT
server: ESF
date: Thu, 16 Sep 2021 05:52:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 05:52:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
678 B 253ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900&subset=latin,latin-ext

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e449283936daf9239f7c939da9e17d0d1f5819b822224b876085d00618f19ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 05:52:52 GMT
server: ESF
date: Thu, 16 Sep 2021 05:52:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 05:52:52 GMT

GET
H2

200

banners Show response
mybetterdl.com/adServe/
Redirect Chain

https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true

80 KB
31 KB

406ms
134ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 863d70da2be85e093706c221a8b70493176d1a96401d187ef3cabe6f6b8e2462

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://mybetterdl.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
date: Thu, 16 Sep 2021 05:52:52 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 repaircontact99.jpg
xyupload.com/content/images/profile_images/ 49 KB
49 KB 58ms
57ms Image
image/jpeg 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xyupload.com/content/images/profile_images/repaircontact99.jpg
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f42a7e2b5f954cadaec0fc92752290a954b361abbd11b59c1798f4c9b8bd880d

Request headers

:path: /content/images/profile_images/repaircontact99.jpg
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Sep 2021 05:52:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vixDg%2BvW2oXAiEMIyxpMFPThVvK5A1dEChj46rVHXO8tFlShP1BEsH6pEbd0OjfSdftdsdKTAIJoMkKHPaFtRSqxjZ1%2BgDCMgdktJvNJVxCyYY8453aF98wMuZ6SzeAZBA%2BHwmEm2dNPKMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68f7d4cd6ecb4abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49893

GET
H2 200 code.js Show response
stagepopkek.com/lv/esnk/1832780/ 101 KB
42 KB 76ms
12ms Script
application/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stagepopkek.com/lv/esnk/1832780/code.js
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: 8d20eb2ad044f061447795eab625c390875b4f0571deff00987efc5780e176a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 15:15:35 GMT
server: nginx
etag: W/"6130ea97-19277"
vary: Accept-Encoding
content-type: application/javascript
timing-allow-origin: *

GET
H2 404 1
native.propellerclick.com/ 0
0 61ms
13ms Script
text/plain 139.45.197.235
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/1?z=2871466
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
x-sc: 4KdnrdofxFOHMlcU
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers: X-Sc
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7

GET
H2 404 Vancouver_Small..._1622960841_0669.jpg
xyupload.com/content/images/post_images/ 469 B
469 B 53ms
52ms Image
text/html 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xyupload.com/content/images/post_images/Vancouver_Small..._1622960841_0669.jpg
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d84faa34539f00dda4586c397c08bd09148f1f1d00155859fb235ca7291db1

Request headers

:path: /content/images/post_images/Vancouver_Small..._1622960841_0669.jpg
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtjZj5%2BAjdu2irlnsbohy5SPrecxbrEgqE8VLjqLz9sFpStAkFYPc77CwFKTQHC0wHQh69oCOnfGMd8ZWibGLcwaJmSmXjpV%2BjD7P89S8xZaD0oKcsi%2BVfE%2FHH9ltqEr5X3C4pjm8XG7nc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 68f7d4ce4fb14abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
xyupload.com/content/images/post_images/ 2 KB
2 KB 13ms
12ms Image
image/jpeg 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xyupload.com/content/images/post_images/Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d4656ced9485b7ce8789f7f737d7dd86e2a41501e6cfbbce5a2bd3188166bd

Request headers

:path: /content/images/post_images/Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 21:21:23 GMT
server: cloudflare
age: 1845090
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRnfZWl3jcfzGItHBUzKeMMrbDbgzxY2pPNt6YZ5cBqzwIZGJ4Ww5GvkT8DyBhEPp65qN%2BG3lqzVs6g5ruxXJzTETO7voA58gzc9i6rtVN3FJqWLqmu7Ryd51ybMxujjwyMp37WuQlD6gUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68f7d4ce4fb24abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1804

GET
H2 404 Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
xyupload.com/content/images/post_images/ 479 B
479 B 49ms
48ms Image
text/html 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xyupload.com/content/images/post_images/Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7648fa9444605cca1396f40ba1a2100ce5d9f24f4288cd168b6f2edff5769e38

Request headers

:path: /content/images/post_images/Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Fu0gm4uB5pnluGvqIFJq%2FZp9%2FmH6NsPJxdWTVFMsobfhBKefLpk%2BP5iA%2BB3q59COTsrsnaI6KZzkh2TTf9%2Bybx53M1c3eNaS1cN3qWRv%2FASF9Bwd%2B6pvvIRCsXFNnqMD97E6kdQsogJOOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 68f7d4ce4fb34abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 304 B
817 B 14ms
13ms Image
image/png 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa

Request headers

:path: /content/themes/slightlyyellow/images/hotarucms.png
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 21:21:23 GMT
server: cloudflare
age: 1845090
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6%2FdTyvP8sv1VYWIV4gWrlwiqoMkISQ8ukpAEOSRDkCGwEWHXkHt2ewzA3HzK%2FLNQtRiz7FtjQSVIkYJLFVqjqqEE5CDTfAOxFN9oRAb3e8QqE5wCm%2B%2BGQgMYyscyhsc%2BwmLpAB3sSHk%2BLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68f7d4ce4fb44abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 304

GET
H2 200 rocket-loader.min.js Show response
xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfkc2yFfjoFmAGGBWSv%2B6fPiocN7kXA9%2B5%2F6R9eR4yuHObOBrBoWfhSFMtovzr6MNorq87PyBiO8AA93chVYE07sqg%2FbD%2BHt8W5%2FayYui1PpXjytNOIsZtpVlmV95%2F4XxwZ%2BPpE4ktW9uJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f7d4ce4fb54abd-FRA
vary: Accept-Encoding
expires: Sat, 18 Sep 2021 05:52:53 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 59ms
42ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 15:43:35 GMT
server: cloudflare
etag: W/2021.8.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 68f7d4ce6c342bf2-FRA

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 31 KB
31 KB 350ms
78ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xyupload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 17:32:54 GMT
x-content-type-options: nosniff
age: 303599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31624
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 17:32:54 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 32ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin: https://xyupload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 12602233
cdn-cachedat: 2021-04-23 10:04:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56780
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 68bfe85d20fbb4f76e6acc798e571872
accept-ranges: bytes
cf-ray: 68f7d4ce6b942b29-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v10/ 11 KB
12 KB 487ms
216ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v10/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xyupload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 13:19:34 GMT
x-content-type-options: nosniff
age: 59599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11720
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 00:00:00 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 13:19:34 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v10/ 12 KB
12 KB 462ms
191ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v10/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xyupload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:09:49 GMT
x-content-type-options: nosniff
age: 178984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12356
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 00:07:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:09:49 GMT

GET
H2 200 1789854 Show response
mailwithcash.com/get/ 3 KB
2 KB 16ms
16ms Script
text/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mailwithcash.com/get/1789854?zoneid=1789854&jp=_clmevkey8w2dl4fzxg40bs&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0
Requested by: Host: mailwithcash.com
URL: https://mailwithcash.com/aas/r45d/vki/1789854/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: 90e2beda59e97d315fdaae03d04bb46b5c8893e56266390ee4759d7db46b4823

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 1832780 Show response
stagepopkek.com/get/ 2 KB
1 KB 16ms
16ms Script
text/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stagepopkek.com/get/1832780?zoneid=1832780&jp=_clfto6zyxhlnlpb6prjezl&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0
Requested by: Host: stagepopkek.com
URL: https://stagepopkek.com/lv/esnk/1832780/code.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: 5fc5b9437485b4b5de3963e1b2dde784c0a5c68710c83a247a7e1998249302b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET style.css
eergaroa.com/ 0
0

GET
H2 200 knockout.mapping.min.js Show response
cdnjs.cloudflare.com/ajax/libs/knockout.mapping/2.4.1/ 10 KB
3 KB 15ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/knockout.mapping/2.4.1/knockout.mapping.min.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a1a86cd93570f6a3d1a6dc566c99c5462008fb2e7822703798b80e30b8052d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 270262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3143
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-28fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnbZO%2FQ2Bt5OyR8tJ0CgcDghVKcDbof6TynHxQzFbx4DENNIrDUZqiN5P%2BFo49KSQ4%2B1Lry8EY%2F5Ke2N%2B9SFd%2FHcU9aRkyfQL%2Bx9pw2GOdrIEysijobYPqk484DczDW7Mm6UOo81WIlMKRNjBc6%2F81Wz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f7d4d01ab24ebc-FRA
expires: Tue, 06 Sep 2022 05:52:53 GMT

GET
H2 200 knockout-min.js Show response
cdnjs.cloudflare.com/ajax/libs/knockout/3.2.0/ 53 KB
18 KB 15ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/knockout/3.2.0/knockout-min.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25a7723726c566cfc2a659482bba6fc00596edcd90837388346e8d11070d165

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17751
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-d371"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cmanQ37%2BLbUst%2FXseQz4OFOTKKsjkNxtA7L7KYzJW9S194zBFRFZq1JmR0BVfV3A4EdxG96yxAO7Ty3zVL83rVVxtxinIeHaTD%2FLXkyT3kXPvt2uh%2B7sXyjNWt6MofploSSaHml62w3WyCmx1bDcPpc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f7d4d01ab54ebc-FRA
expires: Tue, 06 Sep 2022 05:52:53 GMT

GET
H2 200 summernote.min.js Show response
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 72 KB
20 KB 22ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote.min.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

875e306562c94989638b19ec0227a0007fc3fe1482f432e5e7925ddfe3d04813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6168025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20127
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fde-120fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBvTm%2FRK2Bcl2jasfXddZLRzgqNj7y3HBpsOdPte7lsbz52l9%2FVaKeXC2umLTxYmeCaBQskZ5fuDGoa3IhpnK8eiJZMMppdt%2FJ7x4NYixDH415dF1ZLN5wNwrWJY6c23UK%2Bv7IzpvJzQLmiQOE%2BFwEz%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f7d4d01ab74ebc-FRA
expires: Tue, 06 Sep 2022 05:52:53 GMT

GET
H2 200 hotaru_js_1627555275.js Show response
xyupload.com/cache/css_js_cache/ 9 KB
3 KB 48ms
46ms Script
text/javascript 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xyupload.com/cache/css_js_cache/hotaru_js_1627555275.js
Requested by: Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c9e594b30e7f07da7be7026a5544294ede153ca3af7fc1d06573a50fbaee16

Request headers

:path: /cache/css_js_cache/hotaru_js_1627555275.js
pragma: no-cache
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0Rb%2FF7MqsrgYFE9xTc%2FaQlAkOmX2yvkscP%2BCDDXywJ1%2BgyskK4BB6KU5%2BWgYubgtGxI3LWj74H5xs6H1H0flLaxqGfNPq2bsEjtJJBG5%2Fnw1q0%2FEKfwEUkAhJiqa%2B4E6Ncanh8s9ZH32Tc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, private
cf-ray: 68f7d4d019e34abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 35 KB
10 KB 16ms
14ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 718
age: 15323163
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1d4be5fddad4a0a9241728c5f5457839
cf-ray: 68f7d4d01a996916-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 load2.js Show response
tags.h12-media.com/ 244 KB
90 KB 110ms
40ms Script
application/javascript 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/load2.js
Requested by: Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Windsor, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: eb88b43b6cbbc83daac9dfc061d9c76e8d238444052928e7cd18dbfc2f441b9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
etag: "b358b0f43991d71:0"
last-modified: Sat, 14 Aug 2021 18:26:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 92371

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
30 KB 94ms
21ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 15:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 15:12:48 GMT

GET
H2 200 / Show response
ilusors.com/ssp/req/1789854/ 7 B
190 B 57ms
13ms Script
text/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ilusors.com/ssp/req/1789854/?pb=30ca8073118c9d03efbe57b34586b4b11631778773&psp=ANW2jXy4ICAqKx68ers9Ok73Swt9e3s1IdSm2QnBHoWm6V4HAPGaCezHoMHATO4pY48tsdzq-IW_bFL2gh_7ENix5lfoZfDHwfrQ0PkNIaECGa4_Mp7C5YoyK5rqKBR_AnqX6s3gUPd-CqD1z5hZE0fsFZaCY1yR3aYwG_rBoJgLeP8z_Io9Sm6PydDyY3Drhn0VLjjKpclLPyS8AmZtiEzVJ6tNIRTjKvTfGdJOWq29bSSUpsK9JEcxsGh2dCyhSveG6I8wOh_l_4qJtwJrNJGs4yr8VnrhzbpGdkkqiRcWqmFheTepc4KnbgWZfV218Xlg2nVRm2coFSevt89v8EEKpYjMRl3PUP43gfmY-ZsWKYFP5jG5xpyTBLIm5_XokVGDx0Z3CICpxxGyogCTEL2Xvx1782QCSoLT1ZcYnM6Xjb0DcKai0StwdGhnZfmpD6KUofdW-6O0LKBWBuJ-InAaMAnah2TIFyAyGM4ZPM0Q_fSPZgfTguCrb9D4bk7x-2f15N42t9LzL16NgvO6bIy5EQFyCBuS-VuoZq-eqzsFAJ14X7o3Ps4KkDHOyZ9pklji_AwoccT-zyHaIvusowJC-pd9orR-FbTTLmkRdvN-OeST_v7qqbfnC2IO1PiSz7wa0XaBqd_KuJUAQIRICNrHOl1yCk8Lw8G2cJ8VwfFxsnUR79ypH6whhlAeFvMci_3LSfw=&cb=_clvjnyxwh0xl7ocd7zsrsr&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24
Requested by: Host: mailwithcash.com
URL: https://mailwithcash.com/aas/r45d/vki/1789854/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
server: nginx
timing-allow-origin: *
content-length: 7
content-type: text/javascript

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 40ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3680812

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cd827258b2330f2641a3401a20711ee201f14eff0e7951e5a5104b497b479844

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xyupload.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 937cd451aeb6215d274b679dd0c53ba2b7a09601.gif
cdn.bncloudfl.com/bn/937/cd4/51a/ Frame 552E 3 KB
4 KB 75ms
26ms Image
image/webp 2606:4700:10::6816:ec6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/937/cd4/51a/937cd451aeb6215d274b679dd0c53ba2b7a09601.gif
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:ec6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c328ca534c20dba0cd70c037af923b2586654a9e747691a1fb73105307c105d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
x-openstack-request-id: tx146cc2e0529d4aed91a4a-0060cb5980
cf-cache-status: HIT
age: 27644
cf-polished: origFmt=gif, origSize=6094
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
content-disposition: inline; filename="937cd451aeb6215d274b679dd0c53ba2b7a09601.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-trans-id: tx146cc2e0529d4aed91a4a-0060cb5980
accept-ranges: bytes
expires: Fri, 17 Sep 2021 22:12:09 GMT
last-modified: Wed, 28 Apr 2021 13:02:26 GMT
server: cloudflare
etag: 20b25b4ebf96788d68dda5fa29f2da44
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1619614945.32862
cache-control: max-age=432000
content-length: 3104
cf-ray: 68f7d4d0bf74dfbf-FRA
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache: HIT
cf-bgj: imgq:100,h2pri

GET
H/1.1 204
No Content logo.png
hoawhaum.net/ 0
759 B 75ms
18ms Image
text/plain 139.45.197.89
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hoawhaum.net/logo.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.89 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://xyupload.com/
Origin: https://xyupload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:52:53 GMT
X-Sc: 4KdnrdofxFOHMlcU
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://xyupload.com
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 7
X-Content-Type-Options: nosniff, nosniff

GET
H2 200 3680812 Show response
in-page-push.com/500/ 1 KB
1 KB 123ms
123ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3680812?excludes=&oaid=a25db32154be49e3b3a2209da407893d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3680812

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

18d1cab3e044f4d56cca7b3dca4a01fa3712c2c801cbe64900f0bb03a78ce56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://xyupload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b76a7719b28648e1b6f3501fb155fb4b
pragma: no-cache
date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://xyupload.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3680812
in-page-push.com/500/ Frame 0
0 38ms
12ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://xyupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 16 Sep 2021 05:52:53 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://xyupload.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 chicken.gif
stagepopkek.com/ Frame 552E 43 B
358 B 13ms
12ms Image
image/gif 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stagepopkek.com/chicken.gif?z=1832780&pb=30ca8073118c9d03efbe57b34586b4b11631778773&psp=GfEJ5CrGjJ_bF5WoVr5L1tEuk4QtrMJb_HvWgPpHnBghpW6Uala_vZRhnvWKcpSIcDbz6YZIvOuF1lF-L4Hq78rpJjLV5rFigWCUirYX8dTZrnU0EJNo18t9w0_fIiSl4_RODT2sxxhctlKbc4cSj7dIfDKMfmomGjgRC3acolUETFiXDU4zlvQ90B_bir8vLb_24LjekI8hxLNtLS3kX4ZL-dqi3LQ5XMG4QNPcVwABnKRFTi1pbpA2_qS32Dh0fYNTGmIQXB8yFf4JXdf_pC0mo84XONXJTy5LQkeNnyPARBetj9PxoM1zhNkRHU8uvLQPoOaLUgw95W2_QQqPOh3bpJj69JR4n9OQKiiPU6ZXvMlgl-fgDifJ5iJs7wlZzZ75LF7Epl5t6QBZkqw8rGLJZJ4j3snsDz7rMi21hT3nue_hsHWoMGDqeayEJ_004XkiTcPfNTUr_FfuMKgUS6fe
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
server: nginx
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content config.json Show response
hoawhaum.net/ 0
594 B 32ms
31ms XHR
text/plain 139.45.197.89
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hoawhaum.net/config.json

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.89 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://xyupload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Token: aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3

Response headers

Date: Thu, 16 Sep 2021 05:52:54 GMT
X-Content-Type-Options: nosniff, nosniff
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://xyupload.com
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Token,Content-Type
Content-Length: 7

OPTIONS
H/1.1 200
OK config.json
hoawhaum.net/ Frame 0
0 49ms
12ms Preflight 139.45.197.89
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hoawhaum.net/config.json

Protocol

HTTP/1.1

Server

139.45.197.89 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: token
Origin: https://xyupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 16 Sep 2021 05:52:53 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://xyupload.com
Access-Control-Allow-Headers: Token,Content-Type,X-Log-Type
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *

GET
H2

200

banners Show response
mybetterdl.com/adServe/
Redirect Chain

https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5
https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5

79 KB
30 KB

266ms
265ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 0026328fbb1d1c6f697b6c84c42a18dc9b9f253f7c8083c72a9037c8a12e6cd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://mybetterdl.com/adServe/banners?tid=336138_654829_2&pause=5
date: Thu, 16 Sep 2021 05:52:54 GMT
server: nginx
content-length: 178
content-type: text/html

GET
H2

200

banners Show response
mybetterdl.com/adServe/
Redirect Chain

https://clksite.com/adServe/banners?tid=336138_654829_1&tagid=2
https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2

79 KB
31 KB

138ms
137ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 83da068807b840d596e84fb84a021081aa525f0ef69b8126a1e6ea840f70d098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://mybetterdl.com/adServe/banners?tid=336138_654829_1&tagid=2
date: Thu, 16 Sep 2021 05:52:54 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 ipp_tag_95-5.js Show response
p336138.mycdn.co/banners/script/ 166 KB
50 KB 90ms
6ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://p336138.mycdn.co/banners/script/ipp_tag_95-5.js
Requested by: Host: p336138.clksite.com
URL: https://p336138.clksite.com/adServe/banners?tid=336138_739198_2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4bbbf3a099825205a2c718ea7594e2039ee888e5677b7c774147ca5bc4007d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2020 13:32:59 GMT
server: NetDNA-cache/2.2
etag: W/"5e2ee68b-299b5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
expires: Sun, 11 Sep 2022 05:52:54 GMT

GET
H2 200 rhpop_80.2-1.js Show response
p336138.mycdn.co/script/ 174 KB
67 KB 103ms
19ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://p336138.mycdn.co/script/rhpop_80.2-1.js
Requested by: Host: p336138.clksite.com
URL: https://p336138.clksite.com/adServe/banners?tid=336138_739198_2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2019 11:33:16 GMT
server: NetDNA-cache/2.2
etag: W/"5d10b4fc-2b75b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
expires: Sun, 11 Sep 2022 05:52:54 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 251ms
79ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4321
date: Thu, 16 Sep 2021 04:40:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 16 Sep 2021 06:40:53 GMT

GET
H2 200 apu.php Show response
otrwaram.com/ 3 KB
2 KB 73ms
14ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://otrwaram.com/apu.php?zoneid=1469020&oo=1

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

36856e41c4e090b23480095ac73f2e34d0b0f73087c963a041f6dd27276fe28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: 2c9f22f577fd531566b07b4eef61ae48
pragma: no-cache
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xyupload.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lilureem.com>; rel="preconnect dns-prefetch"
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
otrwaram.com/ 62 KB
21 KB 85ms
25ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://otrwaram.com/tag.min.js

Requested by

Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8500adbdb33cd90ec1df8e086c0d59373af6fdedf587dedb64a38683086cd226

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 20520
x-trace-id: b51cc43929105a9bd16c1697b9df4d1a
pragma: no-cache
last-modified: Wed, 15 Sep 2021 09:42:29 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 72ms
13ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:52:54 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

GET
H2 200 / Show response
f.h12-media.com/ 31 B
662 B 75ms
40ms XHR
application/json 2606:4700:3036::ac43:a640
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f.h12-media.com/
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/load2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET, ARR/3.0
Resource Hash: ec073fa2fb94aa8f3e572981ab4f905d3f7ec313757a2d3e48f3a574eba90e36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET, ARR/3.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDO7bTQR9oTbEx%2Ftfn33dsDEZ31cnIalWamm%2BhjMhMvXDoXQWBKNBro4x1%2BrC7vAzJIRxAy1pXkrWpqe249BUFdceMwLR%2BR%2BhLbQcf%2Fr4RGl5zqkuGFsVDGI97v8c1FN5AVF%2BsktSLn9YhoS0pg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600,private
cf-ray: 68f7d4d1fb6768f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 rum Show response
xyupload.com/cdn-cgi/ 0
211 B 9ms
9ms XHR
text/plain 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xyupload.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://xyupload.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0
content-length: 1490
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://xyupload.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 68f7d4d1cc484abd-FRA
vary: Origin

GET
H2 200 tags.js Show response
tags.h12-media.com/v3/ Frame A1F4 19 KB
8 KB 67ms
66ms Script
application/x-javascript 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A212%3A78e%3A30%3A%3A1%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22lnzuxr11m39%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A5%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C2075%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.4159235455650778
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Windsor, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: c0d83d3b9a7a903f3514ff12e107cb7243caf37448756bc979efc20e7eb94155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/x-javascript; Charset=UTF-8
access-control-allow-origin
cache-control: no-store,no-cache,max-age=0,private
access-control-allow-credentials: true
srg-x: x-.174
content-length: 7770

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 0FF5 203 B
833 B 53ms
12ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=780e76e1149140889fcd85c90cedf7e8&oaidts=1631771574

Requested by

Host: otrwaram.com
URL: https://otrwaram.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2d14b8ef84f82c15c85f8cfeb2764d522dcdb18715b7c61f2888df2d23a6dd73

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=780e76e1149140889fcd85c90cedf7e8&oaidts=1631771574
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xyupload.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/

Response headers

server: nginx
date: Thu, 16 Sep 2021 05:52:53 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: fe0179678ade22333058c849525a2f95
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=780e76e1149140889fcd85c90cedf7e8; expires=Fri, 16 Sep 2022 05:52:54 GMT; path=/; secure; SameSite=None oaidts=1631771574; expires=Fri, 16 Sep 2022 05:52:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 img.gif
my.rtmark.net/ Frame 0FF5 43 B
490 B 13ms
13ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=780e76e1149140889fcd85c90cedf7e8

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=780e76e1149140889fcd85c90cedf7e8&oaidts=1631771574

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 prebid3_2.1.js Show response
tags.h12-media.com/v3/ Frame A1F4 489 KB
153 KB 48ms
48ms Script
application/javascript 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A212%3A78e%3A30%3A%3A1%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22lnzuxr11m39%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A5%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C2075%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.4159235455650778
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Windsor, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: aa891bdea1635a237ec0fd8d65be674c5fcfb1333fa6c7a1df13b6d846d4802c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
etag: "29a8959a8490d71:0"
last-modified: Fri, 13 Aug 2021 20:48:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 156392

GET
DATA 200
OK truncated
/ Frame A1F4 488 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15fc980e2d05cf9333045a7ba43b3b4cbfd7e61e1eb9b47be00f01ce1e14589f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 it-ui-comp-ipp-bnr.css
p336138.mycdn.co/uicomp/styles/dist/95-5/ 397 B
455 B 6ms
6ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://p336138.mycdn.co/uicomp/styles/dist/95-5/it-ui-comp-ipp-bnr.css
Requested by: Host: p336138.mycdn.co
URL: https://p336138.mycdn.co/banners/script/ipp_tag_95-5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4c526f1f7d947231ba673d79d48a4220cf71607988099ef0b505f7ed7fb54759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2020 13:33:09 GMT
server: NetDNA-cache/2.2
etag: W/"5e2ee695-18d"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31104000
expires: Sun, 11 Sep 2022 05:52:54 GMT

GET
H2 200 findBanner Show response
mybetterdl.com/adServe/banners/ 27 B
487 B 313ms
313ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=QuickBooks%202021%20Will%20Not%20Export%20To%20Excel%2C%20QuickBooks%20Will%20Not%20Export%20To%20Excel%2C&tid=336138_739198_2&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp336138.mycdn.co&bs=undefined&referrer=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&ap=cmp%3DIN_PAGE_PUSH%26evp%3DkOVXwtraawAocrf-j9es65oBu3I_znsrtuceWIhPli4-lrhJew3VlTz5tbtGv0zW%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DEasy%2520Ways%2520To%2520Fix%2520QuickBooks%25202021%2520Will%2520Not%2520Export%2520To%2520Excel%2520%25C2%25AB%2520xyupload.com&pid=336138&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITC41e2983btl3
Requested by: Host: p336138.mycdn.co
URL: https://p336138.mycdn.co/banners/script/ipp_tag_95-5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 4ddcfd2c525730de3f4bf7affdf461ed89302177d0dac77b0f800ec508540ba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
content-type: text/javascript;charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
onmarshtompor.com/ 2 KB
2 KB 15ms
15ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=zYYcx0H_8e65w6XXNpeV3chNQjx2i5Iv8novGmDDWt0cTkNkZ_0-ntMylsqfhdyLYT5m3hLgzRkyjRInQKeccfrPoA9NqEWPkIyHr_OVpC-kzXXCPZ0PMemx24BbRWyMOQSjUcNO_jfLuJacQ0tn8WQD4zYn5qOgkpSQWho4mNjfabxGNBF64RE7WCMprrjfDh3Hf6mkoLoaa7AmvlcNpBierJi6BfDaJI0vbPDLWXq9Wq05eIBFU-OympYjBNAY9KiPxjWgeeK28r3GSW1WFO2nDUM%3D&zoneid=1469020&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=6b4e76cd-d28c-4a39-af93-af2e9c5de99e&m=link

Requested by

Host: otrwaram.com
URL: https://otrwaram.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f2dfd864b07fc257bbc32fb6cdbb7d6edaea333c5f8f6066b6b23a6bec683e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xyupload.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 52ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxyupload.com%2F&domain=xyupload.com&gdprString=CPMnJUfPMnJUfAcACBENBVCsAP_AAH_AACiQHsNf_X__b39j-_59__t0eY1f9_7_v-0zjhfdt-8N2f_X_L8X42M7vF36pq4KuR4Eu3LBIQNlHOHUTUmw6okVrTPsak2Mr7NKJ7LEinMbe2dYGHtfn91TuZKYr_78_9fz__-__v___9f3r-3_3__p9X---_e_V399xLv9__wPVAJMNS-ACzEscGSaNKoUQIQrCQ6AUAFFCMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAAAAAAAAA&cw=1&lsw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://xyupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://xyupload.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1526
date: Thu, 16 Sep 2021 05:52:53 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame A1F4
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxyupload.com%2F&domain=xyupload.com&gdprString=CPMnJUfPMnJUfAcACBENBVCsAP_AAH_AACiQHsNf_X__b39j-_59__t0eY1f9_7_v-0zjhfdt-8N2f_X_L8...
https://mug.criteo.com/sid?cpp=FEvKKHxLWWdXVWRrZ3FpUXFzSUx5UGpENjlBSS9UazdJNkFxQ2Rid0pEdGprQzZqYTlZSnJ6QXpkRUNmbjhBZkhwNlV6eW1UbFZaYXZCMVRqS3NlYWdscHhWb1Z6aTB6UVoxWWU2dW05UERpano1L1B3TlpMR0FwZlVLck...

339 B
602 B

48ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FEvKKHxLWWdXVWRrZ3FpUXFzSUx5UGpENjlBSS9UazdJNkFxQ2Rid0pEdGprQzZqYTlZSnJ6QXpkRUNmbjhBZkhwNlV6eW1UbFZaYXZCMVRqS3NlYWdscHhWb1Z6aTB6UVoxWWU2dW05UERpano1L1B3TlpMR0FwZlVLckZDSXY0U20wd05vT0pBZDl4TnpIckdjZk1wQUJWdE1VZDhaY0lDZTllVnY3Vjlqb29mUGVoOWpMaDdidkJ1RDRUSk0vMUVmNFpFNFkrY3NPcGNySGt2dFgwc0d6QVFQdDFHZUNvRW05Mm4rSWlhZXRvNDZnPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

dabff04d324c55e9010f21a739f30cecbabbb7a8e2c9578e0ace4c2ebc4dadf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 16 Sep 2021 05:52:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2395
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 16 Sep 2021 05:52:53 GMT
location: https://mug.criteo.com/sid?cpp=FEvKKHxLWWdXVWRrZ3FpUXFzSUx5UGpENjlBSS9UazdJNkFxQ2Rid0pEdGprQzZqYTlZSnJ6QXpkRUNmbjhBZkhwNlV6eW1UbFZaYXZCMVRqS3NlYWdscHhWb1Z6aTB6UVoxWWU2dW05UERpano1L1B3TlpMR0FwZlVLckZDSXY0U20wd05vT0pBZDl4TnpIckdjZk1wQUJWdE1VZDhaY0lDZTllVnY3Vjlqb29mUGVoOWpMaDdidkJ1RDRUSk0vMUVmNFpFNFkrY3NPcGNySGt2dFgwc0d6QVFQdDFHZUNvRW05Mm4rSWlhZXRvNDZnPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xyupload.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2110
content-length: 482
expires: 0

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ Frame A1F4
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2d2a6/1/xyupload.com/ROS?rnd=0.119616918668223&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B2...
https://ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.119616918668223&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A1...

234 B
554 B

17ms
17ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.119616918668223&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&gdpr=1&gdprcs=CPMnJUfPMnJUfAcACBENBVCsAP_AAH_AACiQHsNf_X__b39j-_59__t0eY1f9_7_v-0zjhfdt-8N2f_X_L8X42M7vF36pq4KuR4Eu3LBIQNlHOHUTUmw6okVrTPsak2Mr7NKJ7LEinMbe2dYGHtfn91TuZKYr_78_9fz__-__v___9f3r-3_3__p9X---_e_V399xLv9__wPVAJMNS-ACzEscGSaNKoUQIQrCQ6AUAFFCMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAAAAAAAAA&pubcid=62acced1-4488-491b-87f2-5adeb3639e52
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ec7fdb3670e7930a73c32cd966ab2d2e66c2a44888afb9cb099f75556755d5ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://xyupload.com
expires: Thu, 16 Sep 2021 05:52:54 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 234
x-sid: AMS-607

Redirect headers

date: Thu, 16 Sep 2021 05:52:54 GMT
server: openresty
access-control-allow-origin: https://xyupload.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2d2a6/1/xyupload.com/ROS?ct=1&r=pbjs&rnd=0.119616918668223&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x250_0%3A970x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&r=pbjs&pbv=4.39.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&gdpr=1&gdprcs=CPMnJUfPMnJUfAcACBENBVCsAP_AAH_AACiQHsNf_X__b39j-_59__t0eY1f9_7_v-0zjhfdt-8N2f_X_L8X42M7vF36pq4KuR4Eu3LBIQNlHOHUTUmw6okVrTPsak2Mr7NKJ7LEinMbe2dYGHtfn91TuZKYr_78_9fz__-__v___9f3r-3_3__p9X---_e_V399xLv9__wPVAJMNS-ACzEscGSaNKoUQIQrCQ6AUAFFCMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAAAAAAAAA&pubcid=62acced1-4488-491b-87f2-5adeb3639e52
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A1F4 0
185 B 218ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.39.0&cb=75914516370
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xyupload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://xyupload.com
date: Thu, 16 Sep 2021 05:52:53 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ Frame A1F4 1 KB
856 B 253ms
24ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: a14637c58f9961d292d31f136f895999b0d544c00a25a300923291b411faba9f

Request headers

Referer: https://xyupload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Sep 2021 05:52:54 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://xyupload.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 569

POST
H2 200 / Show response
bidder.h12-media.com/prebid/ Frame A1F4 1 KB
1 KB 332ms
313ms XHR
application/json 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.h12-media.com/prebid/?payload=8wCotIxh_jfxEPkh54RR0dQpWp-H3P9lebWHZfYsbqA_c-nJARGGa2mD5QxtoJrIWh5FXc_GdP_3M8dcWKairFr-R3Zr5HJTBaXObGUyL5sBnpIAv4A_slOtAFU8M1Iyt4GSwbTqu-wuNgv_zNJzJJZy6HAlsGDjwKjsCqm_qzV5T6oAy5atxotT0xyfBu-yNZ1T1qLx_d_h-SzLTi02xFdnKJSZ_NFcOEmMJBdeGxAY-vZsPnb4t8_3195Q8V8AHpwlLBX97Rlh_5DycFYt3iie5dCVEkLwGOn08GqP7k80Smyf1jXsTiLVzKHkSfKfgVXZWBgT0AEU1nZJUdL7vK6hB_mxv1w7BEWhy4luAiC7GENKrgRMJ0VUxEObObslHilOaxtlZf2cIh27z_9Tjv0NplgBIPygcJqAsFsmZndmckH4ZF93fL5DVjfS02BpDUaJbmtnwZA9SigdCkfW4Cw82
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Windsor, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash: e5a924fbf8147282fecbe59faec71aa607a99ac23bb84f80dd970b1ac0804161

Request headers

Referer: https://xyupload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET, ARR/3.0
vary: Accept-Encoding
content-type: application/json; Charset=UTF-8
access-control-allow-origin: https://xyupload.com
cache-control: no-store,no-cache,max-age=0,private
access-control-allow-credentials: true
srg-x: x-.138
procadsent: 0.2656
content-length: 1187

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 88ms
87ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1559960516&utmhn=xyupload.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Easy%20Ways%20To%20Fix%20QuickBooks%202021%20Will%20Not%20Export%20To%20Excel%20%C2%AB%20xyupload.com&utmhid=436279692&utmr=-&utmp=%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F&utmht=1631771574395&utmac=UA-15566844-1&utmcc=__utma%3D188522913.835063302.1631771574.1631771574.1631771574.1%3B%2B__utmz%3D188522913.1631771574.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=616530535&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bounce-tag_80.2-1.js Show response
p336138.mycdn.co/banners/bounce/ 48 KB
18 KB 9ms
9ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://p336138.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by: Host: clksite.com
URL: https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2019 11:33:16 GMT
server: NetDNA-cache/2.2
etag: W/"5d10b4fc-be2b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
expires: Sun, 11 Sep 2022 05:52:54 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 300ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1095
date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 rhpop_80.2-1.js Show response
p336138.mycdn.co/script/ 174 KB
67 KB 9ms
8ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://p336138.mycdn.co/script/rhpop_80.2-1.js
Requested by: Host: clksite.com
URL: https://clksite.com/adServe/banners?tid=336138_654829_1&tagid=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2019 11:33:16 GMT
server: NetDNA-cache/2.2
etag: W/"5d10b4fc-2b75b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
expires: Sun, 11 Sep 2022 05:52:54 GMT

GET
H2 200 / Show response
bidder.h12-media.com/iframe/ Frame 1A7A 10 KB
4 KB 56ms
56ms Document
text/html 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.h12-media.com/iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/prebid3_2.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Windsor, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET ARR/3.0
Resource Hash: bcd2778c8ea1f6f452adbd1af3a6da6577ee0ad31a71561ad2b53845da3a2af0

Request headers

:method: GET
:authority: bidder.h12-media.com
:scheme: https
:path: /iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xyupload.com/
accept-encoding: gzip, deflate, br
cookie: 7thMile=787d0ce5%2D2d1d%2D4776%2Dbcae%2D0adf6028b844
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/

Response headers

cache-control: no-store,no-cache,max-age=0,private
content-type: text/html; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-credentials: true
srg-x: x-.174
x-powered-by: ASP.NET ARR/3.0
date: Thu, 16 Sep 2021 05:52:54 GMT
content-length: 3649

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cc636f73406bd9f7fb945f29612f41773083aaa22ae8b55780cce683562bd22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDUvNDMwNDg0LzdkYmVkZTFlOTA1ZTY1YmQ0O...
s-img.mgid.com/g/9286337/328x328/-/ Frame 1A7A
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|mmaR3q6xKhu8PkG49HC8e_gv0QM5XZOb0ny_ggD2dUb4sJ7rJi4bN1eX6FJPGQDK&cid=1056819&f=1&h2=6ByAVn8qW3qBJXZTwx0IeoQQtQY-vO2_oDLBb86WAx8*&rid=560a25e9-16b2-11ec-a8c3-e4434b...
https://s-img.mgid.com/g/9286337/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90Lz...

7 KB
7 KB

15ms
14ms

Image
image/webp

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/9286337/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDUvNDMwNDg0LzdkYmVkZTFlOTA1ZTY1YmQ0ODA0OTM0YWQwMWE5Njg2LmpwZWc.webp?v=1631771574-unGDgrTwU5gCaZ6IwKhZ93KD3ItIQnMtnOBjaY2msZk
Requested by: Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f77d497ae790f9c6f454e53749219fb7fac603edd96e6d96cc95ff6cbd20991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidder.h12-media.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Aug 2021 13:07:18 GMT
x-mg-request-uuid: 9d3937d4-5f6f-413a-8ea1-ea752cfec10b
age: 2808697
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68f7d4d6ecad4a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6870
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 70831c95-4400-4279-a700-a17a23348e1c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/9286337/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDUvNDMwNDg0LzdkYmVkZTFlOTA1ZTY1YmQ0ODA0OTM0YWQwMWE5Njg2LmpwZWc.webp?v=1631771574-unGDgrTwU5gCaZ6IwKhZ93KD3ItIQnMtnOBjaY2msZk
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68f7d4d68c3c4a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8zMTQ3MjIvNDAyMGJhOTc4YjUyYTgyY...
s-img.mgid.com/g/10213680/492x277/-/ Frame 1A7A 16 KB
16 KB 32ms
16ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10213680/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8zMTQ3MjIvNDAyMGJhOTc4YjUyYTgyYThlODM3NmRlNzA3Zjc0MTYuanBn.webp?v=1631771574-WK-ZUVJEXQc74qVQZ6woE9NMtQ4Xf83Xnhp3JsFR8SY
Requested by: Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e243f8612cc13ad4a9fd0681e2242085c7ed027f6e9a377a5adc866d8d4544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidder.h12-media.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
cf-cache-status: HIT
last-modified: Sun, 08 Aug 2021 07:54:50 GMT
x-mg-request-uuid: 2c067be8-a4e7-4409-9384-258d1f20225b
age: 2000984
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68f7d4d68c404a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16066
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvNTQxOTgxL2NjZTMxY2E2NTk4ZWY2MjBlZjM1YjVjYjJjMWE2Mzg5LmpwZw.webp
s-img.mgid.com/g/8364571/492x277/-0x-0x492x328/ Frame 1A7A 10 KB
11 KB 30ms
14ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8364571/492x277/-0x-0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvNTQxOTgxL2NjZTMxY2E2NTk4ZWY2MjBlZjM1YjVjYjJjMWE2Mzg5LmpwZw.webp?v=1631771574-D5cyR3ki1MyjNdKU7Cu-XZLSQCTUgOVTxZUv3JXuz_k
Requested by: Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c3f195f6fbcd31c18426a34646d3f8318212bfe6511340d7825a3ebd3e7c13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidder.h12-media.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Sep 2021 08:11:58 GMT
x-mg-request-uuid: 6f0f8b33-334c-4e90-8eb7-4a2fa99b929b
age: 1114856
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68f7d4d68c414a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10548
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC81ODE4NTYvNGQ0OGEzYzc1YmRlNTYzN...
s-img.mgid.com/g/10172117/492x277/-/ Frame 1A7A 29 KB
29 KB 33ms
17ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10172117/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC81ODE4NTYvNGQ0OGEzYzc1YmRlNTYzNjIxYzI4MWE4ODQ2NDU0ZTcuanBlZw.webp?v=1631771574-cRWhrgb_rD8-qRoQJ5K6vNXM0q1Ai7FU0BsAlJ8x8KU
Requested by: Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773c4c72a1c7cab1ed91a03c1588fbdb4955f424188565ccd60d8447c9822560

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidder.h12-media.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 12:48:40 GMT
x-mg-request-uuid: 0db387b0-e784-4700-aca3-825f4d052a0a
age: 1940498
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68f7d4d68c3f4a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29258
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS80MzA0ODQvN2RiZWRlMWU5MDVlNjViZ...
s-img.mgid.com/g/9286337/492x277/-/ Frame 1A7A 8 KB
8 KB 37ms
22ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/9286337/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS80MzA0ODQvN2RiZWRlMWU5MDVlNjViZDQ4MDQ5MzRhZDAxYTk2ODYuanBlZw.webp?v=1631771574-U34aqIqKrs61OmW6IJ1AgtYgR3VHkOeqdffU62kGCVA
Requested by: Host: bidder.h12-media.com
URL: https://bidder.h12-media.com/iframe/?impdata=64BrtsxsLXFBpA7IhzEfgHoqGE_QAppH9GUAoB7IichiuIehU7vKCVIn4MUfzi5cFaZkH6-j44Uuizt4lHbjgGjW8EUcrSiONQsa1hlRIhvX1AbKAxik2gTnGVsL_roMl4QlOElIbSKaUDBCIGZeuOacAhLzQxhL8kqifGyUcvL3sn3uOyyynv2AKJko3huw-TeVMuJMUxBa4bvux8JnSqw-DNdHJ97oPZRuNiXDRFXz-VA3xK6U3unaDELjlEsBFo80zsRCHP4gOZZHfcy54gHmFT72x_KTV7G9vxdX7iyZvRRH3Pk91ntUSXGerIdjuJ1hn-t1Y_YS_cwIp7kUO7PbeVfegYVrf1y8ixH4OWNZzEdJtJwgQEWPv-iUunE8ssZz0XEE4t1WyWKanv0yfZk4KqLMokycg07tPbU5KG7VJ7nJdzGfPMVLF2s466czIxugTI1m9iYXPzC-3QUaLJxPMHGMxgCzXcZTwOiQMF35f45FFN0deGxEeK_3w_Z_-EDZBV0K8zZCsolI0SlC632NtKPZgUGuT-wd_Qjc_t2nC4gbu81qHP95gFRik5qEcOWEW4VjcTNfZBphNWwCWhPQx04xisH5UbEsZYssuYtOCWUG90CwuOrJoTjzKyikAxWVEgN2a5zLDsva6jAjs3ni-GCLWp7x6BeFVhr2OqVI31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7c8a6a6de679247ccc4b35562881727e20c92c0544331aba7543f2ae5b5d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidder.h12-media.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:54 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 09:20:02 GMT
x-mg-request-uuid: 77344f7e-e3e7-49eb-a022-acf94a6115d7
age: 1496463
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68f7d4d68c3e4a67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7680
server: cloudflare

GET hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 0
0

GET
H2 200 hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 304 B
657 B 44ms
43ms Image
image/png 2606:4700:3030::ac43:a128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png
Requested by: Host: xyupload.com
URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa

Request headers

sec-fetch-mode: cors
origin: https://xyupload.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: image
cookie: PHPSESSID=ccmtoqucodrq7p1a4dfefv6he2; rhid_c=0; prefetchAd_1469020=true; _pbjs_userid_consent_data=2657307049619840; _pubcid=62acced1-4488-491b-87f2-5adeb3639e52; __utma=188522913.835063302.1631771574.1631771574.1631771574.1; __utmc=188522913; __utmz=188522913.1631771574.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=188522913.1.10.1631771574; cto_bidid=IarAX18wdnZJV1EzeGVFS3BGJTJGZk50U2lKVHhDQ0FsMmhjb2liN3dqJTJCakw4cHFSMUpHQ2NCRlI5elJBbnpGdmMxOXhubHNQNVZEV0dOSEcwV3ZEM0tiN1RZc1ElM0QlM0Q; cto_bundle=N1pDf185WWdRTDl2Nmxnc2Ntd0xxT3F2UXVsVEhaYXd6VDdQV0Y3Uk9uZTVFUmUwelFWdWslMkJPZFh3WWthUkMyV3BuQ2p3MlhqcW9oOTdOeTY0bWQzV2ZuMHFjVFVGWW9HT0xUcEFmeVd4c1Z2Tk93WHdQZVZuTnBJSUJIRXFrdGNEbTFI
:path: /content/themes/slightlyyellow/images/hotarucms.png
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: xyupload.com
referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/
Origin: https://xyupload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:56 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Sep 2021 05:52:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1guBqydptXf5v6AhEDUxanGXlrId4%2B%2FpHKZjuNt0WMwPDkbzma0jNgc1kU8NDQlqnmzvd1aABkPEHV8TzOKPnCj1SfzZlSirrtxlpfG1zPt2L9ZQoPOR6TRVKnmYag78RGC2vkhgBmv1rc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68f7d4e10d434abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 304

GET
H2 200 hotarucms.png
xyuploadcom.imageshack.host/itab/rapidcdn/sjv_58.10/content/themes/slightlyyellow/images/ 179 B
489 B 403ms
130ms Image
image/png 108.168.193.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xyuploadcom.imageshack.host/itab/rapidcdn/sjv_58.10/content/themes/slightlyyellow/images/hotarucms.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: b7.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 6a5c9fae4418b58724f13776aac1c524cac2426e4f5f655284df41c374f4e3fd

Request headers

Referer: https://xyupload.com/
Origin: https://xyupload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 05:52:56 GMT
server: nginx
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/png;charset=utf8
content-length: 179
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
tags.h12-media.com/rtb/ Frame A1F4 0
51 B 32ms
31ms Script
application/x-javascript 154.51.131.141
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=8wCotIxh_jfxEPkh54RR0dQpWp-H3P9lebWHZfYsbqA_c-nJARGGa2mD5QxtoJrIWh5FXc_GdP_3M8dcWKairFr-R3Zr5HJTBaXObGUyL5sBnpIAv4A_slOtAFU8M1Iyt4GSwbTqu-wuNgv_zNJzJJZy6HAlsGDjwKjsCqm_qzV5T6oAy5atxotT0xyfBu-yNZ1T1qLx_d_h-SzLTi02xFdnKJSZ_NFcOEmMJBdeGxAY-vZsPnb4t8_3195Q8V8AHpwlLBX97Rlh_5DycFYt3iie5dCVEkLwGOn08GqP7k80Smyf1jXsTiLVzKHkSfKfgVXZWBgT0AEU1nZJUdL7vK6hB_mxv1w7BEWhy4luAiC7GENKrgRMJ0VUxEObObslHilOaxtlZf2cIh27z_9Tjv0NplgBIPygcJqAsFsmZndmckH4ZF93fL5DVjfS02BpDUaJbmtnwZA9SigdCkfW4Cw82&size=970x250&sizex=970x250&wp=0.014987&bd=h12media&d=1
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222a01%3A4f8%3A212%3A78e%3A30%3A%3A1%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%225cdaacef9be0bc5b971260214ca88323%22%2C%22adunitid%22%3A%2222440%22%2C%22topurl%22%3A%22https%3A%2F%2Fxyupload.com%2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22lnzuxr11m39%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A4%2C%22hourofday%22%3A5%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22ltr%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C2075%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C50%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.4159235455650778
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.141 Windsor, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xyupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:52:57 GMT
cache-control: no-store,no-cache,max-age=0,private
srg-x: x-.174
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
content-length: 0
content-type: application/x-javascript; Charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eergaroa.com
URL: https://eergaroa.com/style.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3

Domain: xyupload.com
URL: https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel	1969-12-31 23:59:59	Name: Value: __test
xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel	1969-12-31 23:59:59	Name: __PPU___PPU_SESSION_URL Value: %2Feasy-ways-to-fix-quickbooks-2021-will-not-export-to-excel%2F
xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel	1969-12-31 23:59:59	Name: bnState Value: {"impressions":1,"delayStarted":0}
.mybetterdl.com/adServe	1970-01-19 21:17:37	Name: capdata Value:
xyupload.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ccmtoqucodrq7p1a4dfefv6he2
xyupload.com/	1969-12-31 23:59:59	Name: rhid_c Value: 0
native.propellerclick.com/	1970-01-20 06:01:47	Name: scm Value: 1
mailwithcash.com/	1970-01-20 06:01:47	Name: UID Value: 2109160052f1b151b1c11744bf9c4a15fffb
stagepopkek.com/	1970-01-20 06:01:47	Name: UID Value: 2109160052365d2816ec1a41f4a84ed67bb5
ilusors.com/	1970-01-20 06:01:47	Name: UID Value: 2109160052958fd7c01596483aaae56f8054
my.rtmark.net/	1970-01-20 06:01:47	Name: ID Value: a25db32154be49e3b3a2209da407893d
stagepopkek.com/	1970-01-19 21:59:23	Name: OACICAP Value: ABswzQAAAAAAAAAB
stagepopkek.com/	1970-01-19 21:59:23	Name: OACIBLOCK Value: ABswzQAAAABhQtu1
stagepopkek.com/	1970-01-19 21:17:37	Name: ppucnt Value: 0
hoawhaum.net/	1970-01-20 06:01:47	Name: scm Value: 1
in-page-push.com/	1970-01-20 06:01:47	Name: OAID Value: a25db32154be49e3b3a2209da407893d
onmarshtompor.com/	1970-01-20 06:01:47	Name: OAID Value: 780e76e1149140889fcd85c90cedf7e8
onmarshtompor.com/	1970-01-20 06:01:47	Name: oaidts Value: 1631771574
xyupload.com/	1970-01-19 21:16:11	Name: prefetchAd_1469020 Value: true
xyupload.com/	1970-01-19 21:59:23	Name: _pbjs_userid_consent_data Value: 2657307049619840
.xyupload.com/	1970-01-20 21:01:47	Name: _pubcid Value: 62acced1-4488-491b-87f2-5adeb3639e52
.xyupload.com/	1970-01-20 14:47:23	Name: __utma Value: 188522913.835063302.1631771574.1631771574.1631771574.1
.xyupload.com/	1969-12-31 23:59:59	Name: __utmc Value: 188522913
.xyupload.com/	1970-01-20 01:38:59	Name: __utmz Value: 188522913.1631771574.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.xyupload.com/	1970-01-19 21:16:12	Name: __utmt Value: 1
.xyupload.com/	1970-01-19 21:16:13	Name: __utmb Value: 188522913.1.10.1631771574
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.mybetterdl.com/	1970-01-20 01:35:23	Name: rhid Value: 79644935388
.h12-media.com/	1970-01-19 22:39:31	Name: 7thMile Value: 787d0ce5%2D2d1d%2D4776%2Dbcae%2D0adf6028b844
xyupload.com/	1970-01-20 06:37:47	Name: cto_bidid Value: IarAX18wdnZJV1EzeGVFS3BGJTJGZk50U2lKVHhDQ0FsMmhjb2liN3dqJTJCakw4cHFSMUpHQ2NCRlI5elJBbnpGdmMxOXhubHNQNVZEV0dOSEcwV3ZEM0tiN1RZc1ElM0QlM0Q
xyupload.com/	1970-01-20 06:37:47	Name: cto_bundle Value: N1pDf185WWdRTDl2Nmxnc2Ntd0xxT3F2UXVsVEhaYXd6VDdQV0Y3Uk9uZTVFUmUwelFWdWslMkJPZFh3WWthUkMyV3BuQ2p3MlhqcW9oOTdOeTY0bWQzV2ZuMHFjVFVGWW9HT0xUcEFmeVd4c1Z2Tk93WHdQZVZuTnBJSUJIRXFrdGNEbTFI
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8fSrcl3j_Qm
.mgid.com/	1970-01-19 21:16:13	Name: __cf_bm Value: 67YSy2Fz5egEd7Ch.LBooQddztZ9cBWBHEQQwURSiS4-1631771574-0-AUiuHNY2ssfohvVD8a9p63e/JO9n1ivz25RG9feyF9tnJdRDwcd/2UHSWeXRLR0Z3F2nFWTPEUnABWnGOuH5aKU=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xyupload.com/content/images/post_images/Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xyupload.com/content/images/post_images/Vancouver_Small..._1622960841_0669.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://native.propellerclick.com/1?z=2871466 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://xyupload.com/easy-ways-to-fix-quickbooks-2021-will-not-export-to-excel/ Message: Refused to apply style from 'https://eergaroa.com/style.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.e-planning.net
ajax.googleapis.com
bidder.criteo.com
bidder.h12-media.com
c.mgid.com
cdn.bncloudfl.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
clksite.com
eergaroa.com
f.h12-media.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
gum.criteo.com
hoawhaum.net
ilusors.com
in-page-push.com
mailwithcash.com
maxcdn.bootstrapcdn.com
mug.criteo.com
my.rtmark.net
mybetterdl.com
native.propellerclick.com
onmarshtompor.com
otrwaram.com
p336138.clksite.com
p336138.mycdn.co
s-img.mgid.com
ssl.google-analytics.com
stagepopkek.com
static.cdnativepush.com
static.cloudflareinsights.com
tags.h12-media.com
xyupload.com
xyuploadcom.imageshack.host
eergaroa.com
xyupload.com
104.19.132.78
108.168.193.183
109.206.162.83
139.45.195.8
139.45.197.15
139.45.197.188
139.45.197.235
139.45.197.239
139.45.197.243
139.45.197.89
154.51.131.141
173.192.101.24
178.250.0.157
178.250.0.165
2606:4700:10::6816:ec6
2606:4700:3030::ac43:a128
2606:4700:3036::ac43:a640
2606:4700::6810:125e
2606:4700::6810:5f41
2606:4700::6812:acf
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2008
2a00:1450:4001:831::200a
2a00:1450:400d:805::200a
2a02:2638:1::13
2a04:4e42:200::485
2a0c:5c81:5142::2
5.178.65.245
94.31.29.128
0026328fbb1d1c6f697b6c84c42a18dc9b9f253f7c8083c72a9037c8a12e6cd1
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13d84faa34539f00dda4586c397c08bd09148f1f1d00155859fb235ca7291db1
148d0f79a488658a0eb9112e8f509dfb2b9dc3f403694d305c6ac4759d874228
15fc980e2d05cf9333045a7ba43b3b4cbfd7e61e1eb9b47be00f01ce1e14589f
18d1cab3e044f4d56cca7b3dca4a01fa3712c2c801cbe64900f0bb03a78ce56b
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2d14b8ef84f82c15c85f8cfeb2764d522dcdb18715b7c61f2888df2d23a6dd73
2ed9119918adf7c9541d700ee80910ef8d0220ff312ebce648c5bec1e663fd8b
2f115537e496e739219369c034a7f579774a7e280d9121d450b397e1fae14839
36856e41c4e090b23480095ac73f2e34d0b0f73087c963a041f6dd27276fe28a
3a93a80a679bc28da6416099aa8d16eff66be8b91e7e7f00f0e5e732f2b7edd9
3ab0d7ff87f9dfd69967824595b8f452493ed798d65d581612ff38c9a1ebe7a7
3cc636f73406bd9f7fb945f29612f41773083aaa22ae8b55780cce683562bd22
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
4bbbf3a099825205a2c718ea7594e2039ee888e5677b7c774147ca5bc4007d38
4c526f1f7d947231ba673d79d48a4220cf71607988099ef0b505f7ed7fb54759
4ddcfd2c525730de3f4bf7affdf461ed89302177d0dac77b0f800ec508540ba7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
5fc5b9437485b4b5de3963e1b2dde784c0a5c68710c83a247a7e1998249302b0
6a5c9fae4418b58724f13776aac1c524cac2426e4f5f655284df41c374f4e3fd
75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5
7648fa9444605cca1396f40ba1a2100ce5d9f24f4288cd168b6f2edff5769e38
773c4c72a1c7cab1ed91a03c1588fbdb4955f424188565ccd60d8447c9822560
7f77d497ae790f9c6f454e53749219fb7fac603edd96e6d96cc95ff6cbd20991
81a1a86cd93570f6a3d1a6dc566c99c5462008fb2e7822703798b80e30b8052d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83da068807b840d596e84fb84a021081aa525f0ef69b8126a1e6ea840f70d098
84c3f195f6fbcd31c18426a34646d3f8318212bfe6511340d7825a3ebd3e7c13
8500adbdb33cd90ec1df8e086c0d59373af6fdedf587dedb64a38683086cd226
863d70da2be85e093706c221a8b70493176d1a96401d187ef3cabe6f6b8e2462
875e306562c94989638b19ec0227a0007fc3fe1482f432e5e7925ddfe3d04813
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
8d20eb2ad044f061447795eab625c390875b4f0571deff00987efc5780e176a5
90e2beda59e97d315fdaae03d04bb46b5c8893e56266390ee4759d7db46b4823
93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d
95d4656ced9485b7ce8789f7f737d7dd86e2a41501e6cfbbce5a2bd3188166bd
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a14637c58f9961d292d31f136f895999b0d544c00a25a300923291b411faba9f
a2c9e594b30e7f07da7be7026a5544294ede153ca3af7fc1d06573a50fbaee16
aa891bdea1635a237ec0fd8d65be674c5fcfb1333fa6c7a1df13b6d846d4802c
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
bcd2778c8ea1f6f452adbd1af3a6da6577ee0ad31a71561ad2b53845da3a2af0
c0d83d3b9a7a903f3514ff12e107cb7243caf37448756bc979efc20e7eb94155
c328ca534c20dba0cd70c037af923b2586654a9e747691a1fb73105307c105d9
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77
cd827258b2330f2641a3401a20711ee201f14eff0e7951e5a5104b497b479844
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
dabff04d324c55e9010f21a739f30cecbabbb7a8e2c9578e0ace4c2ebc4dadf9
db7c8a6a6de679247ccc4b35562881727e20c92c0544331aba7543f2ae5b5d2a
dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa
e25a7723726c566cfc2a659482bba6fc00596edcd90837388346e8d11070d165
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e449283936daf9239f7c939da9e17d0d1f5819b822224b876085d00618f19ca5
e5a924fbf8147282fecbe59faec71aa607a99ac23bb84f80dd970b1ac0804161
eae07e608fb2a8262ae998424e55afe79d12808df1587e4c7a3c7c214700fbcb
eb88b43b6cbbc83daac9dfc061d9c76e8d238444052928e7cd18dbfc2f441b9d
ec073fa2fb94aa8f3e572981ab4f905d3f7ec313757a2d3e48f3a574eba90e36
ec7fdb3670e7930a73c32cd966ab2d2e66c2a44888afb9cb099f75556755d5ad
ef311b836fc30fc9c7d6a0c75db64eafe1a0e572d315d1a41f6bd21821710acd
ef5b19f00d99790b3ae72b877e77a601d3d42c87e9fcfc8b8918c7428eab206b
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f2dfd864b07fc257bbc32fb6cdbb7d6edaea333c5f8f6066b6b23a6bec683e86
f42a7e2b5f954cadaec0fc92752290a954b361abbd11b59c1798f4c9b8bd880d
f4e243f8612cc13ad4a9fd0681e2242085c7ed027f6e9a377a5adc866d8d4544

xyupload.com Open in urlscan Pro 2606:4700:3030::ac43:a128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

98 %HTTPS

45 %IPv6

29 Domains

36 Subdomains

30 IPs

7 Countries

1191 kBTransfer

3180 kBSize

33 Cookies

6 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xyupload.com Open in urlscan Pro
2606:4700:3030::ac43:a128 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

98 %
HTTPS

45 %
IPv6

29
Domains

36
Subdomains

30
IPs

7
Countries

1191 kB
Transfer

3180 kB
Size

33
Cookies

83 HTTP transactions
2 data transactions