urlscan.io logo urlscan.io
SecurityTrails logo

xyupload.com Open in urlscan Pro
195.201.195.8  Public Scan

Go To Rescan Add Verdict Report
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Submission: On September 24 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 15 domains to perform 43 HTTP transactions. The main IP is 195.201.195.8, located in Germany and belongs to HETZNER-AS, DE. The main domain is xyupload.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 11th 2020. Valid for: 3 months.
This is the only time xyupload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 195.201.195.8 24940 (HETZNER-AS)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 173.192.101.24 36351 (SOFTLAYER)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 139.45.195.146 9002 (RETN-AS)
2 139.45.195.173 9002 (RETN-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 139.45.196.14 9002 (RETN-AS)
5 139.45.197.82 9002 (RETN-AS)
2 94.31.29.128 6461 (ZAYO-6461)
1 108.168.193.183 36351 (SOFTLAYER)
43 16
8    195.201.195.8 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: serverd.sigmakom.com
xyupload.com
3    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
5    2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
p336138.clksite.com
infopicked.com
clksite.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
www.gravatar.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    139.45.195.146 (Ascension Island)

ASN9002 (RETN-AS, EU)
otrwaram.com
2    139.45.195.173 (Ascension Island)

ASN9002 (RETN-AS, EU)
native.propellerclick.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
3    139.45.196.14 (Ascension Island)

ASN9002 (RETN-AS, EU)
bestaryua.com
5    139.45.197.82 (Ascension Island)

ASN9002 (RETN-AS, EU)
nouseeth.com
2    94.31.29.128 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net
p336138.mycdn.co
1    108.168.193.183 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com
xyuploadcom.imageshack.host
Domain Requested by
8 xyupload.com xyupload.com
5 nouseeth.com xyupload.com
5 cdnjs.cloudflare.com xyupload.com
4 maxcdn.bootstrapcdn.com xyupload.com
maxcdn.bootstrapcdn.com
3 bestaryua.com otrwaram.com
2 p336138.mycdn.co p336138.clksite.com
clksite.com
2 native.propellerclick.com xyupload.com
2 otrwaram.com xyupload.com
2 ssl.google-analytics.com xyupload.com
2 infopicked.com xyupload.com
1 xyuploadcom.imageshack.host
1 clksite.com 1 redirects
1 www.gravatar.com xyupload.com
1 p336138.clksite.com 1 redirects
1 ajax.googleapis.com xyupload.com
1 cdn.jsdelivr.net xyupload.com
0 fonts.googleapis.com Failed xyupload.com
43 17

This site contains links to these domains. Also see Links.

Domain
www.isopentoday.com
en.gravatar.com
hotarucms.org
sigmakom.com
vida.mk
www.intango.com
Subject Issuer Validity Valid
xyupload.com
ZeroSSL RSA Domain Secure Site CA		 2020-08-11 -
2020-11-09		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-21 -
2021-04-17		 7 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.infopicked.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-30 -
2020-10-31		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
otrwaram.com
Let's Encrypt Authority X3		 2020-07-01 -
2020-09-29		 3 months crt.sh
native.propellerclick.com
Let's Encrypt Authority X3		 2020-07-21 -
2020-10-19		 3 months crt.sh
bestaryua.com
Let's Encrypt Authority X3		 2020-09-12 -
2020-12-11		 3 months crt.sh
nouseeth.com
Let's Encrypt Authority X3		 2020-08-26 -
2020-11-24		 3 months crt.sh
*.mycdn.co
Sectigo RSA Domain Validation Secure Server CA		 2019-10-10 -
2020-10-21		 a year crt.sh
*.imageshack.host
Sectigo RSA Domain Validation Secure Server CA		 2020-02-23 -
2021-03-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Frame ID: 5FCDEFA4A6CBE4151D6E456F919F7F84
Requests: 39 HTTP requests in this frame

Frame: https://bestaryua.com/fac.php
Frame ID: FE82BE0958C8BA345B6A15F0F5BBAFF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /Hotaru CMS/i
Overall confidence: 100%
Detected patterns
  • meta generator /Hotaru CMS/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

88 %
HTTPS

47 %
IPv6

15
Domains

17
Subdomains

16
IPs

6
Countries

624 kB
Transfer

1365 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true HTTP 301
  • https://infopicked.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
Request Chain 34
  • https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5 HTTP 301
  • https://infopicked.com/adServe/banners?tid=336138_654829_2&pause=5

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
xyupload.com/jetblue-airlines-refund-toll-free-number/ 		229 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 / PHP/5.3.3
Resource Hash
18034ccee11c9365bf090780058990b4b76adca929ac23a2263ce7411ddaaf8c

Request headers

Host
xyupload.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:11 GMT
Server
Apache/2.2.15
X-Powered-By
PHP/5.3.3
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=t6rmse05r9ed84bn3f6d3u5cg5; path=/
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; utf8_unicode_ci;charset=UTF-8
style.css
xyupload.com/content/themes/slightlyyellow/css/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/content/themes/slightlyyellow/css/style.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 /
Resource Hash
c11c35efa89ed500a92171d31cb54ab636de7c64c7824522bf80d08775d8c706

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:11 GMT
Cache-Control
max-age=604800, public
Server
Apache/2.2.15
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
7524
Content-Type
text/css
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
5442
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19240
summernote.min.css
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed9119918adf7c9541d700ee80910ef8d0220ff312ebce648c5bec1e663fd8b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
641559
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1821
cf-request-id
0562547de1000096dad9107200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:30 GMT
server
cloudflare
etag
"5eb03fde-296a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d7d89dc9e0496da-FRA
expires
Tue, 14 Sep 2021 15:29:00 GMT
summernote-bs3.min.css
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 		108 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote-bs3.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f115537e496e739219369c034a7f579774a7e280d9121d450b397e1fae14839
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
901892
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12311
cf-request-id
0562547de1000096dad9108200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:30 GMT
server
cloudflare
etag
"5eb03fde-1af7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d7d89dc9e0596da-FRA
expires
Tue, 14 Sep 2021 15:29:00 GMT
animate.min.css
cdn.jsdelivr.net/animatecss/3.2.0/ 		56 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/animatecss/3.2.0/animate.min.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4280755
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
4206
etag
W/"e088-Z3HZuX6HLe1CG5UU2FfQAcLxUuI"
x-served-by
cache-fra19153-FRA, cache-hhn4061-HHN
date
Thu, 24 Sep 2020 15:29:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hotaru_css_1579520224.css
xyupload.com/cache/css_js_cache/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/cache/css_js_cache/hotaru_css_1579520224.css
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 /
Resource Hash
64500cf908c78790aa9f09f4f775aa34b960f2f2f71198d58b2cb175b5a58b7a

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:11 GMT
Cache-Control
max-age=604800, public
Server
Apache/2.2.15
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
10651
Content-Type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 08:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25296
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Sep 2021 08:27:24 GMT
banners
infopicked.com/adServe/
Redirect Chain
  • https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
  • https://infopicked.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://infopicked.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d5b9ef008c1a7e1ef9f1da94a21c53342707ca1de846cc827913fb3e91895cf2

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Sep 2020 15:29:01 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

status
301
date
Thu, 24 Sep 2020 15:29:01 GMT
server
nginx
content-length
178
location
https://infopicked.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
content-type
text/html
649c1c0d7319b99b0ed42713d54bd603
www.gravatar.com/avatar/ 		412 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gravatar.com/avatar/649c1c0d7319b99b0ed42713d54bd603?d=identicon&size=32&r=g
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ce34c0b77e43771f70ddc87c5487cc31af6e614b48fcb3cf38c07fba8fa30810

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-nc
MISS ams 4
Date
Thu, 24 Sep 2020 15:29:01 GMT
Last-Modified
Wed, 11 Jan 1984 08:00:00 GMT
Server
nginx
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Link
<https://www.gravatar.com/avatar/649c1c0d7319b99b0ed42713d54bd603?d=identicon&size=32&r=g>; rel="canonical"
Content-Length
412
Expires
Thu, 24 Sep 2020 15:34:01 GMT
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3904
date
Thu, 24 Sep 2020 14:23:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 24 Sep 2020 16:23:57 GMT
apu.php
otrwaram.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://otrwaram.com/apu.php?zoneid=1469020&oo=1
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.146 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
77e1b53bd4947e207059e28c020ab105da7f0bbc823be7d397a63ca37730dfb1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:29:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
1fdfbf9713adbb50fdb2c544d3e9aad3
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://xyupload.com
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
otrwaram.com/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://otrwaram.com/tag.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.146 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:29:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
25508
X-Trace-Id
8c0bd45a58f447661070021b51fea44c
Pragma
no-cache
Last-Modified
Tue, 22 Sep 2020 12:11:52 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
1
native.propellerclick.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://native.propellerclick.com/1?z=2871466
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.173 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:01 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
status
404
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
xyupload.com/content/images/post_images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/images/post_images/Sigmakom_com_Domaci_Filmovi_Domace_Serije_Turske_serije_Online_On_Line_1427919320_47.jpg
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 /
Resource Hash
95d4656ced9485b7ce8789f7f737d7dd86e2a41501e6cfbbce5a2bd3188166bd

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:12 GMT
Cache-Control
max-age=2678400, public
Server
Apache/2.2.15
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
1804
Content-Type
image/jpeg
Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
xyupload.com/content/images/post_images/ 		273 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/images/post_images/Vatre_ivanjske_2014_Epizoda_65_1427899639_27.jpg
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 /
Resource Hash
5f684e289a3e950f2ff996f5844bc70d5e49e550e0c4328312aef532d7e57a06

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:12 GMT
Server
Apache/2.2.15
Connection
close
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 		304 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 /
Resource Hash
dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:12 GMT
Cache-Control
max-age=2678400, public
Server
Apache/2.2.15
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
304
Content-Type
image/png
hotaru_js_1599560702.js
xyupload.com/cache/css_js_cache/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xyupload.com/cache/css_js_cache/hotaru_js_1599560702.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 /
Resource Hash
a2c9e594b30e7f07da7be7026a5544294ede153ca3af7fc1d06573a50fbaee16

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:12 GMT
Cache-Control
max-age=604800, private
Server
Apache/2.2.15
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
8775
Content-Type
text/javascript
summernote.min.js
cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/ 		72 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/summernote/0.6.7/summernote.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875e306562c94989638b19ec0227a0007fc3fe1482f432e5e7925ddfe3d04813
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
901892
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20127
cf-request-id
0562547ef1000096dad9122200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:30 GMT
server
cloudflare
etag
"5eb03fde-120fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d7d89de4f6996da-FRA
expires
Tue, 14 Sep 2021 15:29:01 GMT
knockout-min.js
cdnjs.cloudflare.com/ajax/libs/knockout/3.2.0/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/knockout/3.2.0/knockout-min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25a7723726c566cfc2a659482bba6fc00596edcd90837388346e8d11070d165
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1271748
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17751
cf-request-id
0562547f08000096dad9127200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
etag
"5eb03ecf-d371"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d7d89de7f9396da-FRA
expires
Tue, 14 Sep 2021 15:29:01 GMT
knockout.mapping.min.js
cdnjs.cloudflare.com/ajax/libs/knockout.mapping/2.4.1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/knockout.mapping/2.4.1/knockout.mapping.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a1a86cd93570f6a3d1a6dc566c99c5462008fb2e7822703798b80e30b8052d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
661163
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3143
cf-request-id
0562547f1d000096dad912a200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
etag
"5eb03ecf-28fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d7d89de9fac96da-FRA
expires
Tue, 14 Sep 2021 15:29:01 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=638471019&utmhn=xyupload.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=JetBlue%20Airlines%20Refund%20Toll%20Free%20Number%20%C2%AB%20xyupload.com&utmhid=12163462&utmr=-&utmp=%2Fjetblue-airlines-refund-toll-free-number%2F&utmht=1600961341280&utmac=UA-15566844-1&utmcc=__utma%3D188522913.71203527.1600961341.1600961341.1600961341.1%3B%2B__utmz%3D188522913.1600961341.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=326884138&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Sep 2020 15:29:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://xyupload.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
56792
1
native.propellerclick.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://native.propellerclick.com/1?z=2871466
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.173 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:02 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
status
404
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
options
bestaryua.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://bestaryua.com/options?option_args=CNzUWRIgNGFjMjUyYmMyMDMzNGM1ZGIxZWJjNzY1ZmEwOTdjZGMaL2h0dHA6Ly9vdHJ3YXJhbS5jb20vYXB1LnBocD96b25laWQ9MTQ2OTAyMCZvbz0xIj5odHRwczovL3h5dXBsb2FkLmNvbS9qZXRibHVlLWFpcmxpbmVzLXJlZnVuZC10b2xsLWZyZWUtbnVtYmVyLw==
Protocol
HTTP/1.1
Server
139.45.196.14 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://xyupload.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 24 Sep 2020 15:29:02 GMT
Connection
keep-alive
Access-Control-Allow-Origin
https://xyupload.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
options
bestaryua.com/ 		0
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bestaryua.com/options?option_args=CNzUWRIgNGFjMjUyYmMyMDMzNGM1ZGIxZWJjNzY1ZmEwOTdjZGMaL2h0dHA6Ly9vdHJ3YXJhbS5jb20vYXB1LnBocD96b25laWQ9MTQ2OTAyMCZvbz0xIj5odHRwczovL3h5dXBsb2FkLmNvbS9qZXRibHVlLWFpcmxpbmVzLXJlZnVuZC10b2xsLWZyZWUtbnVtYmVyLw==
Requested by
Host: otrwaram.com
URL: https://otrwaram.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.14 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 24 Sep 2020 15:29:02 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
0
X-Trace-Id
dcff3386da26afd1367a61dec9fb98f0
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=utf8
Access-Control-Allow-Origin
https://xyupload.com
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
fac.php
bestaryua.com/ Frame FE82 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bestaryua.com/fac.php
Requested by
Host: otrwaram.com
URL: https://otrwaram.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.14 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
bestaryua.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/

Response headers

Server
nginx
Date
Thu, 24 Sep 2020 15:29:02 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
X-Trace-Id
8f51b1044235fff752ca3b6713b9283f
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9538
styles.css
nouseeth.com/ 		0
0
image.png
nouseeth.com/ 		0
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nouseeth.com/image.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.82 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1, max-age=1
X-Content-Type-Options nosniff, nosniff

Request headers

Origin
https://xyupload.com
Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:29:02 GMT
X-Sc
4KdnrdofxFOHMlcU
Server
nginx
Strict-Transport-Security
max-age=1, max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://xyupload.com
Access-Control-Expose-Headers
X-Sc
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length
7
X-Content-Type-Options
nosniff, nosniff
resources.json
nouseeth.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://nouseeth.com/resources.json
Protocol
HTTP/1.1
Server
139.45.197.82 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1 max-age=1
X-Content-Type-Options nosniff nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
token
Origin
https://xyupload.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 24 Sep 2020 15:29:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://xyupload.com
Access-Control-Allow-Headers
Token,Content-Type,X-Log-Type
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=1 max-age=1
X-Content-Type-Options
nosniff nosniff
Timing-Allow-Origin
* *
resources.json
nouseeth.com/ 		0
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nouseeth.com/resources.json
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.82 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1, max-age=1
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Token
aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3

Response headers

Date
Thu, 24 Sep 2020 15:29:02 GMT
X-Sc
4KdnrdofxFOHMlcU
Server
nginx
Strict-Transport-Security
max-age=1, max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://xyupload.com
Access-Control-Expose-Headers
X-Sc
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Token,Content-Type
Content-Length
7
X-Content-Type-Options
nosniff, nosniff
banners
infopicked.com/adServe/
Redirect Chain
  • https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5
  • https://infopicked.com/adServe/banners?tid=336138_654829_2&pause=5
35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://infopicked.com/adServe/banners?tid=336138_654829_2&pause=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
38f4f45e11b9e737b06ca126d6d6311ea5db7c75fe5028bfe117d88134382931

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Sep 2020 15:29:02 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

status
301
date
Thu, 24 Sep 2020 15:29:02 GMT
server
nginx
content-length
162
location
https://infopicked.com/adServe/banners?tid=336138_654829_2&pause=5
content-type
text/html
rhpop_80.2-1.js
p336138.mycdn.co/script/ 		174 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p336138.mycdn.co/script/rhpop_80.2-1.js
Requested by
Host: p336138.clksite.com
URL: https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:02 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-2b75b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
expires
Sun, 19 Sep 2021 15:29:02 GMT
bounce-tag_80.2-1.js
p336138.mycdn.co/banners/bounce/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p336138.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by
Host: clksite.com
URL: https://clksite.com/adServe/banners?tid=336138_654829_2&pause=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:03 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-be2b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
expires
Sun, 19 Sep 2021 15:29:03 GMT
hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 		0
0
hotarucms.png
xyupload.com/content/themes/slightlyyellow/images/ 		304 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.195.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
serverd.sigmakom.com
Software
Apache/2.2.15 /
Resource Hash
dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa

Request headers

Origin
https://xyupload.com
Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 15:27:15 GMT
Cache-Control
max-age=2678400, public
Server
Apache/2.2.15
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
304
Content-Type
image/png
hotarucms.png
xyuploadcom.imageshack.host/itab/rapidcdn/sjv_58.10/content/themes/slightlyyellow/images/ 		179 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xyuploadcom.imageshack.host/itab/rapidcdn/sjv_58.10/content/themes/slightlyyellow/images/hotarucms.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
6a5c9fae4418b58724f13776aac1c524cac2426e4f5f655284df41c374f4e3fd

Request headers

Origin
https://xyupload.com
Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Sep 2020 15:29:05 GMT
server
nginx
status
200
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/png;charset=utf8
content-length
179
expires
Thu, 01 Jan 1970 00:00:00 GMT
config.json
nouseeth.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://nouseeth.com/config.json
Protocol
HTTP/1.1
Server
139.45.197.82 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1 max-age=1
X-Content-Type-Options nosniff nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
token
Origin
https://xyupload.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 24 Sep 2020 15:29:12 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://xyupload.com
Access-Control-Allow-Headers
Token,Content-Type,X-Log-Type
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=1 max-age=1
X-Content-Type-Options
nosniff nosniff
Timing-Allow-Origin
* *
config.json
nouseeth.com/ 		0
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nouseeth.com/config.json
Requested by
Host: xyupload.com
URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.82 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1, max-age=1
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://xyupload.com/jetblue-airlines-refund-toll-free-number/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Token
aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3

Response headers

Date
Thu, 24 Sep 2020 15:29:12 GMT
X-Sc
4KdnrdofxFOHMlcU
Server
nginx
Strict-Transport-Security
max-age=1, max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://xyupload.com
Access-Control-Expose-Headers
X-Sc
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Token,Content-Type
Content-Length
7
X-Content-Type-Options
nosniff, nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Oswald:400,700,300
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900&subset=latin,latin-ext
Domain
nouseeth.com
URL
https://nouseeth.com/styles.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODcxNDY3
Domain
xyupload.com
URL
https://xyupload.com/content/themes/slightlyyellow/images/hotarucms.png

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery object| _gaq string| k object| _qs3tpn5bhj object| zfgformats function| setImmediate function| clearImmediate function| _nfirp function| _xhxiaqb object| _gat object| gaGlobal function| onClickTrigger object| 9h87q8faat function| kkp4a5x5tv boolean| zfgloadedpopup function| c433 function| W6jj function| K4CC function| h3gg object| _$cmp object| _$pt boolean| W object| _rhat4 string| _p function| S9tt object| _rhat2 object| _2xjav0diqu3 function| _exazar function| _jdrmcmvv function| Xta7429Qd341 function| _bp function| zfgproxyhttp object| ko function| urldecode function| reply_comment function| edit_comment function| vote object| xmlhttp function| myXMLHttpRequest object| ajax object| returnvalue function| handleEnter function| sfHover string| BASE string| BASEURL string| SITEURL string| ADMIN_THEME string| THEME function| _n1tz26dl0h function| r4yy function| r5JJ function| m8OO function| W7tt boolean| r5 object| rhpt18530 function| _$ function| _s6rf3tj48t

7 Cookies

Domain/Path Name / Value
.xyupload.com/ Name: __utmb
Value: 188522913.1.10.1600961341
.xyupload.com/ Name: __utmz
Value: 188522913.1600961341.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.xyupload.com/ Name: __utmt
Value: 1
.xyupload.com/ Name: __utmc
Value: 188522913
xyupload.com/ Name: rhid_c
Value: 0
.xyupload.com/ Name: __utma
Value: 188522913.71203527.1600961341.1600961341.1600961341.1
xyupload.com/ Name: PHPSESSID
Value: t6rmse05r9ed84bn3f6d3u5cg5

2 Console Messages

Source Level URL
Text
console-api log URL: https://p336138.clksite.com/adServe/banners?tid=336138_739198_0&tagid=2&hybridPop=true(Line 1)
Message:
%c [object HTMLImageElement] pw7.2.15,51,43
console-api log URL: https://xyupload.com/jetblue-airlines-refund-toll-free-number/(Line 44)
Message:
%c undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bestaryua.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
clksite.com
fonts.googleapis.com
infopicked.com
maxcdn.bootstrapcdn.com
native.propellerclick.com
nouseeth.com
otrwaram.com
p336138.clksite.com
p336138.mycdn.co
ssl.google-analytics.com
www.gravatar.com
xyupload.com
xyuploadcom.imageshack.host
fonts.googleapis.com
nouseeth.com
xyupload.com
108.168.193.183
139.45.195.146
139.45.195.173
139.45.196.14
139.45.197.82
173.192.101.24
195.201.195.8
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
2606:4700::6811:4f6b
2a00:1450:4001:81c::2008
2a00:1450:4001:820::200a
2a04:4e42:1b::621
2a04:fa87:fffe::c000:4902
94.31.29.128
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18034ccee11c9365bf090780058990b4b76adca929ac23a2263ce7411ddaaf8c
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2ed9119918adf7c9541d700ee80910ef8d0220ff312ebce648c5bec1e663fd8b
2f115537e496e739219369c034a7f579774a7e280d9121d450b397e1fae14839
38f4f45e11b9e737b06ca126d6d6311ea5db7c75fe5028bfe117d88134382931
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5f684e289a3e950f2ff996f5844bc70d5e49e550e0c4328312aef532d7e57a06
64500cf908c78790aa9f09f4f775aa34b960f2f2f71198d58b2cb175b5a58b7a
6a5c9fae4418b58724f13776aac1c524cac2426e4f5f655284df41c374f4e3fd
75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5
77e1b53bd4947e207059e28c020ab105da7f0bbc823be7d397a63ca37730dfb1
81a1a86cd93570f6a3d1a6dc566c99c5462008fb2e7822703798b80e30b8052d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
875e306562c94989638b19ec0227a0007fc3fe1482f432e5e7925ddfe3d04813
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363
93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d
95d4656ced9485b7ce8789f7f737d7dd86e2a41501e6cfbbce5a2bd3188166bd
a2c9e594b30e7f07da7be7026a5544294ede153ca3af7fc1d06573a50fbaee16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
c11c35efa89ed500a92171d31cb54ab636de7c64c7824522bf80d08775d8c706
ce34c0b77e43771f70ddc87c5487cc31af6e614b48fcb3cf38c07fba8fa30810
d5b9ef008c1a7e1ef9f1da94a21c53342707ca1de846cc827913fb3e91895cf2
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
dc1e86402ced8ca79531a86c299d37ebd3f1d41b506ec643bb9315b133600dfa
e25a7723726c566cfc2a659482bba6fc00596edcd90837388346e8d11070d165
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5